{"report_id":"f77d0336-c5d6-42bf-bbc1-ee1b21fae112","version":6,"status":"done","tags":["salesforce","phishing"],"date":"2024-01-10T05:26:26Z","url":{"schema":"http","addr":"1704864340.eurotesting72.cc/index","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/index/user/login/1704864362.html","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"title":"Sign in"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T04:24:55Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"1704864340.eurotesting72.cc","ip":{"addr":"172.67.216.62","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":27,"request_count":27,"received_data":1048934,"sent_data":14853,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2024-01-09 11:35:21","alert_count":0,"request_count":2,"received_data":18309,"sent_data":940,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.211.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2024-01-09 05:30:35","alert_count":0,"request_count":3,"received_data":50029,"sent_data":1640,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:25:59Z","timestamp":1704864359,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":46097,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:25:59.930157+0000\",\"flow_id\":929781674094957,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":46097,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":52520,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:25:59.930157+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:25:59Z","timestamp":1704864359,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":51672,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:25:59.930303+0000\",\"flow_id\":1392828540727807,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":51672,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":62793,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:25:59.930303+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:25:59Z","timestamp":1704864359,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":41437,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:25:59.942990+0000\",\"flow_id\":1524804295811982,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":41437,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":6662,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:25:59.942990+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:02Z","timestamp":1704864362,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33707,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:02.931642+0000\",\"flow_id\":1589533748115258,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":33707,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":59543,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:02.931642+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:02Z","timestamp":1704864362,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52945,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:02.949247+0000\",\"flow_id\":1015096904678399,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":52945,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":60879,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:02.949247+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:03Z","timestamp":1704864363,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":59083,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:03.343665+0000\",\"flow_id\":219162155368049,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":59083,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":64128,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:03.343665+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49797,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.219633+0000\",\"flow_id\":533929571277297,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":49797,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":15837,\"rrname\":\"1704864365.eurotesting72.cc\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.219633+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":50029,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.219768+0000\",\"flow_id\":1631931518048888,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":50029,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":63933,\"rrname\":\"1704864365.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.219768+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":40971,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.586441+0000\",\"flow_id\":1694000237966025,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":40971,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":29666,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.586441+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":45948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.588885+0000\",\"flow_id\":618830337342549,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":45948,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":59430,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.588885+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":54441,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.590152+0000\",\"flow_id\":192514030960968,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":54441,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":34488,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.590152+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53909,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.590921+0000\",\"flow_id\":1353643407049801,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":53909,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":47534,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.590921+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43268,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.593952+0000\",\"flow_id\":64719426555936,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":43268,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":7991,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.593952+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":49255,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.597038+0000\",\"flow_id\":512074630175790,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":49255,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":46032,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.597038+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":55623,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.600463+0000\",\"flow_id\":1657664814590351,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":55623,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":1125,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.600463+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34538,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.602273+0000\",\"flow_id\":1101900341457057,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":34538,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":438,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.602273+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60427,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.604186+0000\",\"flow_id\":273779107182618,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":60427,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":37841,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.604186+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":43326,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.605296+0000\",\"flow_id\":317106737265776,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":43326,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":37469,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.605296+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":33046,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.606025+0000\",\"flow_id\":1072007369080649,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":33046,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":53675,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.606025+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":52236,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.607752+0000\",\"flow_id\":1787445841380872,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":52236,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":24943,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.607752+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":53786,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.611138+0000\",\"flow_id\":221569484739394,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":53786,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":47930,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.611138+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48700,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.614053+0000\",\"flow_id\":2241320805359269,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":48700,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":5324,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.614053+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":48163,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.615390+0000\",\"flow_id\":1069999471879134,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":48163,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":36251,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.615390+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":58277,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.875920+0000\",\"flow_id\":86245802663312,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":58277,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":23636,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.875920+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:06Z","timestamp":1704864366,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":38807,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:06.909665+0000\",\"flow_id\":1938347369881953,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":38807,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":46643,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:06.909665+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:07Z","timestamp":1704864367,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39389,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:07.037170+0000\",\"flow_id\":721361941755681,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":39389,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":47734,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":2}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":195,\"bytes_toclient\":97,\"start\":\"2024-01-10T05:25:30.128801+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:07Z","timestamp":1704864367,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35590,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:07.067268+0000\",\"flow_id\":1095606066939588,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":35590,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":60115,\"rrname\":\"1704864340.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:07.067268+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2024-01-10T05:26:08Z","timestamp":1704864368,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":60050,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .cc TLD","source":"{\"timestamp\":\"2024-01-10T05:26:08.867107+0000\",\"flow_id\":384161914305315,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.54\",\"src_port\":60050,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2027758,\"rev\":5,\"signature\":\"ET DNS Query for .cc TLD\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2019_07_26\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"DNS\"],\"signature_severity\":[\"Minor\"],\"updated_at\":[\"2020_09_17\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":47729,\"rrname\":\"1704864365.eurotesting72.cc\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":98,\"bytes_toclient\":0,\"start\":\"2024-01-10T05:26:08.867107+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/index/user/login/1704864362.html","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"278807b37126bbe79c019bb2b9474219","sha1":"2878091eb21533a2c62d4dfbb3a9c186ea7b1d58","sha256":"35cb897d6a911aa382bbc814f7c5cfa9550041d20cd0f845d3e64ed8be8cd77b","sha512":"6ace6c283c515250f9c8389ba489417bfbab54305d10b8d19556f18b00423c8c5bffd3dc192d6cc9b48a6c023002f019b73ba20d8b4170321e6430953c0f782c","ssdeep":"","tlshash":"40c012db424243dc66f11085ca0b3b0cf13f06ee8c11e061f841c700310938f8a6fac6","size":188,"data":"","first_seen":"2023-08-28T11:00:12Z","last_seen":"2024-08-21T07:54:54.833959Z","times_seen":1849,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/jquery-3.3.1.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-04T18:34:08.505008Z","times_seen":118228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/jquery.cookie.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d5528dde0006c78be04817327c2f9b6f","sha1":"31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8","sha256":"b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8","sha512":"69484bdb1382ae92c4b860f97fab601db2d8117469619f06e720fe5a516b5eb3f2d88ad6065bba6e28790bd1faa86b20aa753a9a0c7a2ad53c4eb787a404a9af","ssdeep":"","tlshash":"72610f6134fd623e0d9b6bd5676f0468b83ffe70b02406448426bd95286c862dba7c5f","size":3121,"data":"","first_seen":"2023-03-07T01:06:39Z","last_seen":"2026-04-04T18:22:38.273556Z","times_seen":15262,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/main.js?v=V1.24","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b90b1e7f3effbe0945d51be2591e957a","sha1":"eb699dc823c7297a91317b3d97fde455caa52782","sha256":"f5733054b0df915644a10c7c7bf9f4029dec903183464d982d2af0aab3336412","sha512":"8a9ec4b385beef0c20620fd71b7c2447363e5ae82e649937871ef03c8cc77b5aec4cba0e6669463fd447518815b418839d2656bd4558d452815d31296043ffb4","ssdeep":"96:dE653W3esRZ+Q4I1Jo1AhCubdCmWWaN4rM9258nSjJyT4eTvhP4Voed0r/PLUlA:D53W3TZ+dQCuIvdNjA5jP70/Tr","tlshash":"4c2244587011506645bf373baebf928cfb3a022b92069a127d7c55d45f306b86272eec","size":10176,"data":"","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-03-28T09:31:23.227563Z","times_seen":2080,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/static_new/js/dialog.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5b00205ad1fe51bf8f61bcb3de292faa","sha1":"4b12f988964d29bd82b14e71b86104a1a91b667b","sha256":"d1eef2b2ff683e089b9d124aa8090e174252e0894af20ae6d78fed7dc69744d5","sha512":"4b4d16845173e2fdf03eda7f3d3c1750f5a5c7016850a658ac290ae44d079e8f91f6767d4bf6771846890739371aa443f349384144e9f59922c9c2f0974e224f","ssdeep":"192:8792uFckSv56nit+FETsYnZpeVbMcMtUqVbMcvwpNDygwNAZPPrxmjp4axgVVHpD:kHC8u6fRVFObkcobwhUi2VHEaLgiz","tlshash":"cbc2322465eb21964a73f83687ab3112f2270013941dfe15397f465c0fe4b3876aafe6","size":27744,"data":"","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-04-03T23:43:12.714367Z","times_seen":3669,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/public/js/layer_mobile/layer.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"79b7829af0bbfea5760aa606bf1a02c7","sha1":"54c27862e41ef815009fca7b54d9d463cfb015bc","sha256":"2fc4428e63cd5bd982210576674877bd1ba3eb59b9f4686d3668fd94530fa4b7","sha512":"dc634dfed7b74ba81193c8362188ab44430b00ed4dcc93dd4a68c22de03157b2b9ac611139cb5a5f3a63a6d7472445e8e08e87318514560f5f2231898a4032d1","ssdeep":"","tlshash":"aa61c7abf005b23756132085a17f283fb63b6471a5058860d0e2e0be99fddac6837f5d","size":3304,"data":"","first_seen":"2023-03-07T01:34:12Z","last_seen":"2026-04-03T23:58:06.904216Z","times_seen":4524,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/vue.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f5c020d18d70f21851364d0570d38127","sha1":"5dba3f5cb7463e356310fc14e26d3358c1b00ed2","sha256":"58692c4b6420c192dcf7620267b09183cf3c4bd6050b31843698e69a59c26e6c","sha512":"1b5b549a89f71d969d8a221659d02f9fafe9f9476d2e98e7baa790ec344593ca74f13671cae19dab346eae4bb8ec6a39759efcf5bfa2ca81c7513ceab92e9025","ssdeep":"3072:TiOkNK65nfn78CZzFYSVMvCCaBQdg7pUPO5knTlB+cwNwDJgYB3lY5TxbMeBUw3F:TU9gCZ6SVVQdg7i7nT+T67BPyVQ4h","tlshash":"4b74b55db9f322a25a5370b94bafa449b278c0130508ce907d8dd3a46f9053857fbfe9","size":343988,"data":"","first_seen":"2023-03-12T17:52:29Z","last_seen":"2025-09-30T14:21:27.823334Z","times_seen":1928,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/index/user/login/1704864362.html","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2fa7998f2ef1c1f8fbc81c7cb8d7bd8f","sha1":"8eea9c77ffa0ab1657cc5a7794cd34bce3497076","sha256":"a308de4b11e78c4e3c5179581f19cd9fc1fd3373555d95c456ff249f98a80f59","sha512":"705e36b7f808b42b0a2e323ccf0dc23b5af8f4cc2a21291ad25cedfa587c755284b3e1b5305b172c0d6d1138b146894658426abf06a0256dc16ded49c179a71c","ssdeep":"","tlshash":"f5e08c8ef9861102a5a3612b89ab6948253f18c71800e402bb0c68852faa58a9a1be1c","size":317,"data":"","first_seen":"2023-03-12T13:45:56Z","last_seen":"2024-08-21T09:43:41.34225Z","times_seen":1900,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/popper.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"56456db9d72a4b380ed3cb63095e6022","sha1":"6dbce88aee15b42f29083df7a07513cf3b486ba0","sha256":"66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2","sha512":"e56bd96b837b26add354d0a9e2b8dc04c95cea94f7959ee05718ed23a224296fae22d49afab160b45963bd99c2c501a3f12517e431eb68a13a327ff8b262b50a","ssdeep":"384:kmQkLrwVOyzirVyKnxRsIB9Db5HjiWn8xHOxvRVgD75zBY5vImg3FzGpL9ARdOgS:vLsgyziJp3Db5OxHOxvYD73Y5vQzyL9p","tlshash":"1992b4cc3294b06643a791a7a0af960fb2339875610e9410f19df2d97c30ef9a13bc79","size":21004,"data":"","first_seen":"2023-03-07T01:06:27Z","last_seen":"2026-04-04T17:30:40.252321Z","times_seen":16264,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/index/user/login/1704864362.html","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe981e5f023b8a2997081643f731293f","sha1":"16635d10a2bccf13ea7a5b5c49a4bf448abab880","sha256":"6569c992f7d5e3341db75d91c61390bbc7c61b1d190554c2f2b1b7791a5b4714","sha512":"4bb9ac586f19cf03d730377986d196a67ad7ae29af7ae997d10f9b697382d656625226c86e2f66996ba00d8b90a9fd9c30db2e2445cda880069e6fbc2ba5dc90","ssdeep":"","tlshash":"db900280561d3211250c000c081e00c81018213a5a434ce5a9a1a50810455441158018","size":47,"data":"","first_seen":"2023-03-12T13:45:56Z","last_seen":"2025-04-18T11:34:02.227279Z","times_seen":1885,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/swiper/swiper-bundle.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4358cb63a4b96c5d71a2fb630871f30","sha1":"be3b7d9d5bbd680d035f768345778d84eb08fe23","sha256":"c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229","sha512":"35a85c90dfa0ac1e9f4b1bb7bd074a8b20baf6cc235bafb16148da3d55931ad46e89af33508970da09208e166601df250040841d5dc7742b9d6ab9c065a5a467","ssdeep":"3072:U79yoiRfIBB4G+yMwoSpADH79cVOJjBqcxN:k9ytlByMwoSpADH79cVOJjBqcL","tlshash":"9dd3188db354b2e151e72256539ed10263b65845b80ac1a470b68cd7acbde8c03bfefd","size":139961,"data":"","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-04-04T17:41:27.211604Z","times_seen":3817,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/index/user/login/1704864362.html","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/bootstrap/js/bootstrap.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0c2bcf5ef0c4476508d79ec9cdcce07","sha1":"3beed68ed7d753c6bf4f61c26386ddd7929ba030","sha256":"edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba","sha512":"5ca6bd1de99dcb5522dca486809760332625520d6033e4212fa7279724dedaaccc0989b89c06753ec55ead0cd34d7ce89d447e766b301ea8093eec02ab531a02","ssdeep":"768:0KD1OYYUhTVvO1Nn6u7MTLOarIkSsBAiAH0FcQ2K8FXsb6mH/3bz5vhCG:0G1T145KVdsXc/hhCG","tlshash":"a453750672a4f472059fa176803b0a0bb7362c9de506b16cbad998dd1f7cd443267f3a","size":63467,"data":"","first_seen":"2023-03-07T01:03:47Z","last_seen":"2026-04-04T12:37:47.239216Z","times_seen":9322,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/static_new/js/common.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e3725bd66c9f142d4468799bd513bbd","sha1":"85a79d2444f2efa6db1140edfdacb028ea0265b5","sha256":"137ab52ea1f182be9d4c84d01110a7d54b4523c7f2a8b504737c138874f9a5b2","sha512":"11567a5615ebd4198ba6bda334b3ab3bacec56fe0dc85dfd1730a0a8d1e8e552e115970561dbd674fecf887371eafb1f50d847b254662e231ff794c76338ae52","ssdeep":"","tlshash":"1d51951eed6872330a2af23b096fd104f02b644fdb0e86117f4d9984c7a151ed97ea4b","size":2610,"data":"","first_seen":"2023-07-22T22:30:25Z","last_seen":"2024-08-21T09:43:41.342844Z","times_seen":1881,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"172.67.216.62","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-01-10T05:26:02.946663622Z","timestamp":1704864362946,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Wed, 10 Jan 2024 05:26:02 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: max-age=3600\r\nExpires: Wed, 10 Jan 2024 06:26:02 GMT\r\nLocation: https://1704864340.eurotesting72.cc/\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=DO%2BkJ%2Fn%2BHI9NvOeGmLsFFQLaV5KafvlO2i8P8naHRsjiYyNwOdOQUwH8juvyXcqjP1lKm51mYMp9YACt6BzutkLpm%2FXYkqfCC%2BJ1LJzc3T79dakXq6OSQ5Y%2BAQGhQl0WxhD9xXNnUvqsNiQPgj4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nVary: Accept-Encoding\r\nX-Content-Type-Options: nosniff\r\nServer: cloudflare\r\nCF-RAY: 843280bc8e84b4f9-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/img/Icons/icon-15.png","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.635Z","timestamp":1704864366635,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /img/Icons/icon-15.png HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 21002\r\nlast-modified: Tue, 18 Oct 2022 12:59:58 GMT\r\netag: \"634ea34e-520a\"\r\nexpires: Fri, 09 Feb 2024 05:26:00 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nage: 6\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=JqJ%2FMgYMmDB9b7spLrfKt1xEMetNdemrMffwgXGjCHYebBy9GLC6etLQV4phleuMnG7eHW2%2BqCSbUCwURiP1kgLlyop0XFrA9mzvABidv%2Fc0G%2BIPRHD6sxBP3U%2BwT7FgQDb1ScMYU%2F3HOsQKlbA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378295691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21002,"size_decoded":21002,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"039a2cd46fb5029c8ce65eb2872d52c0","sha1":"17999cde44a2cab266902e4ec0a232d910bc825c","sha256":"1dcc87e99c0dc4b6aa560e5654ac343e5b4e5f2eb4d581531ca92791b9c8d891","sha512":"a80943da465cd44ea084a9d650d27a7ebbe907e4db0921e5d20c6dcba0ef4a4baad66b8c873643ebf755bdd9acd993b590030bd4416b48a14fa83c16a60f100a","ssdeep":"384:TPa1YO6suTyN5mGVQ8VvKfAj1wJOeHqweN2ifngiUttY84oqNlFe+UVfaOR:TS1YO6sfNgGVhVvNeKwerPUttN4JNLef","tlshash":"5092e1c75b05e4f13c4377b5214889c19a822f681bf25167e336e8b69abc014f2a776f","first_seen":"2023-05-22T20:55:19Z","last_seen":"2024-08-21T09:43:41.31738Z","times_seen":1882,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/img/BG-02.png","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.640Z","timestamp":1704864366640,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /img/BG-02.png HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 1731\r\nlast-modified: Sun, 01 May 2022 13:31:30 GMT\r\netag: \"626e8bb2-6c3\"\r\nexpires: Fri, 09 Feb 2024 05:26:00 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nage: 6\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=YzUGVxcN7lmz9WbpYedI5hp6h2xdcKHELSC1DEppFyPId7nsOC6qU9CyheU%2FU%2FTTcnJbJWWQma5XTcfQfLcBXiTob3vsdMAOMTOkXl8WHq3URUe%2BGENJZYw0WXVZzdxZZ1Mh7Uinqhdjutg7FDA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d3782c5691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1731,"size_decoded":1731,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit colormap, non-interlaced","md5":"3fddc88d1a5aaececb8e1722ebae13fe","sha1":"ad2c2af726002d922c1b4dd5ec35d9588b2c0937","sha256":"efe284cd11a10ce3d54c9e6c1defe460c5cc534d84a0796f67e007f64f339ecd","sha512":"206ee995f96849a7926b9ae656ce28b71f45f49e8f7bf7bd855faaa04a10f74bcc2df81a17adf19e6d017500b4765212ce7729a54169784fa3a603615850c95f","ssdeep":"","tlshash":"ff3147d6d64428e23564cefd7f10884784854fb1be06deb2494f735b519971a8cbf504","first_seen":"2023-10-14T18:24:17Z","last_seen":"2024-08-21T04:43:37.524111Z","times_seen":1863,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/imgy/Tapptitude-logo-031_1.png","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.642Z","timestamp":1704864366642,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /imgy/Tapptitude-logo-031_1.png HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 22928\r\nlast-modified: Fri, 20 Oct 2023 03:34:40 GMT\r\netag: \"6531f550-5990\"\r\nexpires: Fri, 09 Feb 2024 05:26:00 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nage: 6\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=RO6VInypGGk9RxH3eCC1tawDED9WlXLLlY13AujvXKzzGE%2FSSLTCK%2Bv%2FImOz6AiXdcaIrw8sRJ4pa%2BaL9%2FUptEnus%2FGYyvKdzrRnf27t73xEtbwS0ThkljJAttM1REAz7qatG9VslQz2iUfAqiY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d3782d5691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22928,"size_decoded":22928,"mime_type":"image/png","magic":"PNG image data, 592 x 74, 8-bit/color RGBA, non-interlaced","md5":"615b82fc36a2d246faae75b9f9153d0b","sha1":"0a1cc40a07ce6ea315e66238c528fb4d20ee5216","sha256":"21c1edefa64b1975773aa2e06c8def761b8eb0474bf36bed5c79783e41096376","sha512":"049ef8aad9ed35916d71ffcc5589ae8dd5725ca256f3c2651edbb40c5e6f039afa3e0466e0fa4df648098e203d4ea047cc8343427e86f99fa2954629941e430a","ssdeep":"384:p7nxXZHn4S3N4lt8ei5kLm6poRei9USMvLcZbbDreCpJQGzmCH0C73U3OtnDe3x+:9xyS3lei5kLmJ9USI4xpStCH0C73Pgsn","tlshash":"eaa2f1c63ff04c0636537b8256589477a42f9ce08fc59caccdbcca2662516a8ce8d597","first_seen":"2023-11-16T15:33:23Z","last_seen":"2024-08-20T19:17:05.325737Z","times_seen":1862,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/imgy/jt.png","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.644Z","timestamp":1704864366644,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /imgy/jt.png HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 2375\r\nlast-modified: Tue, 06 Sep 2022 00:12:36 GMT\r\netag: \"63169074-947\"\r\nexpires: Fri, 09 Feb 2024 05:26:00 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nage: 6\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=7pfe9XyRBeEpMJj4PCX%2BvRhZOZ0zpEVya7Sdi5bc70siGweDUI13b4Gol4WnAKyLH0ONrcNyJ2cIGsxn4bJJirG0MMqIAH64ZQTF%2BJFBeRSmzdMtbi3Ar6T%2FuyG3jmlRq5PK0zv31Apue8YMHZM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d3782e5691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2375,"size_decoded":2375,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced","md5":"e964107220dbdd61e6b472795240444a","sha1":"0408a43b2085287cc2443074c14844f0f2520fcf","sha256":"d151a40c6e9c58773a8bf737a89a170daf644d3d2341ed48fc609d70cebdd448","sha512":"cbd71067f50368421fb1787433c5ae25bc88b4008c883e3b13eeb0530359acd8885092c55f9b3e495d3cdaf2e650f498d8ee8fcfe7f777045e4f80e3f52bced1","ssdeep":"","tlshash":"eb410ad444c18e9f2485c05fd162ce0f1e3259cb67e1949c1bd0062e8dc1bf522b379a","first_seen":"2023-05-22T20:55:19Z","last_seen":"2024-10-04T11:10:52.654878Z","times_seen":1916,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/static_new/js/dialog.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.655Z","timestamp":1704864366655,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /static_new/js/dialog.min.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 15 Feb 2020 10:13:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5e47c438-6cfa\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=zG1y7EAqbktkaRqCsxN1kIrPANaISoZarqa00VYnHxclCL%2B1rUmPuTF4WRDCwlCigq8efxAx2f19ktOkCLeAkCwiMpxvsgZ6%2BeOumMdjz3OCnzd3kaa5D2d4Nr0kedK8HwTrjRGypecQEshzTYY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378345691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32563,"size_decoded":27898,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text","md5":"e6a6c7b982fc5bb8487a990f1f848367","sha1":"247ad7d3c2dc6973b615c39d33b1718cdc45322f","sha256":"5acd06d1a462d957c80fe7b069f289c9b302ce3fd79e64f6666767c3fb36b40f","sha512":"c164a6511a9f09a1a38aac21c6fe39adcdee4f5484ec1a6849227750005d29db7132987b6194b6e1e23d3232235635b69051d87a50f784d6c93743126d410552","ssdeep":"192:8792uFcmGSv56nit+FETsYnZpeVbMcMtUqVbMcvwpNDygwNAZPPrxmjp4axgVVHt:kXuC8u6fRVFObkcobwhUi2VHEaLgiz","tlshash":"c0c2322465eb21964a73f43687ab3112f2270013941dfe16397f465c0fe4b3872aafe6","first_seen":"2023-03-07T12:20:59Z","last_seen":"2025-02-08T00:01:21.796499Z","times_seen":711,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/vue.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.609Z","timestamp":1704864366609,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /vue.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 28 Aug 2022 23:13:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"630bf692-53fb4\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=txEmPLLpa0wu7UglRV%2FrGNwaFbiCUnt9FlVUtM6oxNjJB3h%2F67smkoGG5r8oxFUCIBNbzIuGm4ZZ4FmHstbg88Dn9d7tQpmikYzLVFrd5qox7zDWsx%2FiX7oi2bQtvRgzpbEuaM6wkXdY6yl2qgs%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d3581b5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":93233,"size_decoded":343988,"mime_type":"application/javascript","magic":"ASCII text","md5":"f5c020d18d70f21851364d0570d38127","sha1":"5dba3f5cb7463e356310fc14e26d3358c1b00ed2","sha256":"58692c4b6420c192dcf7620267b09183cf3c4bd6050b31843698e69a59c26e6c","sha512":"1b5b549a89f71d969d8a221659d02f9fafe9f9476d2e98e7baa790ec344593ca74f13671cae19dab346eae4bb8ec6a39759efcf5bfa2ca81c7513ceab92e9025","ssdeep":"3072:TiOkNK65nfn78CZzFYSVMvCCaBQdg7pUPO5knTlB+cwNwDJgYB3lY5TxbMeBUw3F:TU9gCZ6SVVQdg7i7nT+T67BPyVQ4h","tlshash":"4b74b55db9f322a25a5370b94bafa449b278c0130508ce907d8dd3a46f9053857fbfe9","first_seen":"2023-03-12T17:52:29Z","last_seen":"2025-09-30T14:21:27.823334Z","times_seen":1928,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,500,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.617Z","timestamp":1704864366617,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:50 GMT","end":"Mon, 12 Feb 2024 08:08:49 GMT"},"fingerprint":{"sha1":"10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC","sha256":"BC:5E:71:C1:5A:A5:DD:67:BF:ED:14:DB:1C:4E:F2:8E:5E:BE:D7:9A:F9:1F:7A:64:C7:3C:9B:ED:83:B2:8C:95"}}},"request":{"raw":"GET /css?family=Roboto:300,400,500,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 10 Jan 2024 05:26:06 GMT\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16482,"size_decoded":16482,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression","md5":"82266023e5c842df17c318dda52500ba","sha1":"db786158e844bd79b34b077acaa82261599345fe","sha256":"f657181380bd6330eeb05340a0a00bc926c338be5e33337a4a4c583996026f4c","sha512":"eb12e7be72febc31b26765af47c7d8b7e3752ffa309987b7a10c78e23ef327bdc7fcabc0d83934386de4775ac34cece38a6229efabcd1b36a1ddc8b9317edaf4","ssdeep":"384:ZOeT1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:ZDJ7EJ5E2bJwi5jLwK79/","tlshash":"6472e10158a023eee9f2327ed14b1b95c402b0a56d3504d8c6e0bc95fe2d7fd1486bb7","first_seen":"2023-05-07T07:24:56Z","last_seen":"2024-08-21T09:32:15.958816Z","times_seen":161,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":25,"dns":1,"connect":10,"send":0,"wait":20,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/index/user/login/1704864362.html","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-10T05:26:03.344Z","timestamp":1704864363344,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /index/user/login/1704864362.html HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=JKp6VxtsRce%2Bcc0erV8rNs7%2F7UGfnIgf1u7YJh4QK0mew2083XcyaQvjJ6aomeQIvLv19mtlA1R2ZJR%2BZTi0EhD1XmGkjmP9hsw%2F9mmVL9QDLesWJP9304RbUic%2FSSGP6NB5XxrNTSvttm2wBco%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280bf1d37b4ff-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20259,"size_decoded":12389,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1244)","md5":"550cd9bbea2752910061916f4fe298da","sha1":"0d7b1ca7db7dee64b56682f05fc0cee7c7639e2f","sha256":"1597d40fa3e6d23fdbc984eee979e118aa197fa51f09ebece73e6a2067e87342","sha512":"f19bbc6db271357da7e06031187b8f8ee626000f5a5bad1f945f3c577e8c96d7c61ee9a52bd496a5a39e73eb6f36d6795811c68b0937cb4cf5c3185e956bb462","ssdeep":"192:Ku9H90N0Oydd2J9+6TBgH0Xd6RDbqYl/v3xBPBcdWbmiWP+LLC:JHad2jwBG4UbfFNcdWbmiWPMLC","tlshash":"1b4296e1eb0e144f622358d0a435779d612e953bda03cc5afefc7174afd4e984522a88","first_seen":"2024-08-20T12:44:30.037032Z","last_seen":"2024-08-20T12:44:30.037032Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3015,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3015,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/static_new/css/public.css?v=V1.24","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.624Z","timestamp":1704864366624,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /static_new/css/public.css?v=V1.24 HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 01 Sep 2022 14:01:26 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6310bb36-43fb\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=vJaG061zuL7DrTn%2Ffi0ZQMJ1iO00ctY6gMiK2yDwjVkP63R0V7tn4mktWNgiEupOfIesE1w5XXGXYGXX4ifeWcszdMGCDpCvFq2bShLSOmun2isE%2BtAf%2FUCbnYu5O%2BXh5PILXHSVmsFT2TBi7CM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d358215691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18624,"size_decoded":17403,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"169e4de5136bed51956394ccd4328122","sha1":"3fca078ed53575c53e868fffa9be8cffe910684c","sha256":"ce9c68517b2551c460aa4225e927dd8a58775df119518be2bdcc6532ea859fe7","sha512":"986e267a9ae76681af37efc78f090413eea362e47126d4500bb7cf8a72f0d8661a4d245678cf860ec766f98db56bbf807ff9e870f797df2776d8db423aa54c86","ssdeep":"192:ilUMZ494EUoQiNCZ5fz9ksnOzaTNUbOnJkFXz9CNvcgIkwUzY5VDb84Xvbzjqoji:aHSmQbX/Soe","tlshash":"0072217a5d081140e27fd3719fea1a99ea35417352022bae76c991874fb271432cffc5","first_seen":"2023-05-17T12:30:16Z","last_seen":"2024-10-04T10:22:11.294605Z","times_seen":1908,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/public/js/layer_mobile/need/layer.css?2.0","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:07.037Z","timestamp":1704864367037,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /public/js/layer_mobile/need/layer.css?2.0 HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:07 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Dec 2019 03:14:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5def0da6-148c\"\r\nexpires: Wed, 10 Jan 2024 17:26:01 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=9D2jSvhec7O2QuKhLtfi9ohO8NtCnU5aiV3vVWA55pbec%2B%2BCYZfR%2Bupid8tlkaVwp9kJryP5OaCcCINzNeowLcNIwK2CNwostO9T3VcmxlREBnnH8cPQg7Mtw233T31QBi80RvwpM0pJatrwwGM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d639ba5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1748,"size_decoded":5260,"mime_type":"text/css","magic":"ASCII text, with very long lines (5260), with no line terminators","md5":"633915e62d14a714594b95b974ee0836","sha1":"e11ebb64a70272c4f35b92fea064f27c4b87efad","sha256":"eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6","sha512":"3a0f469c32521c0fe51838b099650f055410cbdabf64659856e009c8d5e1f3a32fed568832282a92892f1398c8557fe1f64a6a34881f711ecd55b41b054d243a","ssdeep":"96:tJA7fs72Cyf26B6ZtbXBh+Bcw0iZRfcSNHIFSf:J72b5YZtbXucwlrESNoa","tlshash":"9cb1c796989303e8b027c51796dc5efe70388d43915209aef157382fc74bdd9b1b260b","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-04-03T23:58:06.911773Z","times_seen":4955,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":16,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/jquery.cookie.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.650Z","timestamp":1704864366650,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/jquery.cookie.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 05 Mar 2021 16:36:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60425df6-c31\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=pqFbYfc6sAWyfPS9nmr7gKa1%2FMFDHaRgQDd3hVLo2un0w25Nce6%2F7qYywPFGDLEMXcRFx3dL%2Bs9rYzP%2BEDFw3ur%2Fc%2BeAyLBiTnvBi7jYlljQnZYEJsVRj98RxPptK70SJEyFGc4hGnPVeOcGLAI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378335691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3121,"size_decoded":3121,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (3441), with no line terminators","md5":"c70a657c6ff1764a238929b6e46fb8e4","sha1":"e2a8eb96b388abf14690ea14fe4af3f600296235","sha256":"466840a5176a0d6bd70e2d5ade5928ad656ca6b9cd3040a241e33478c63f5813","sha512":"5bf73bfebf28b33fa15afeccfb4d215d20bee6f9c318665e0bcd39b370980a7ff8a24a9b32f1dfd13d73d2ed5a6192e798764cd80748eb5fa173b89c1c13f6d1","ssdeep":"","tlshash":"81610f6134fd623e0d9b6bd5676f0468b83ffe70b02406448426b995286c862dba7c5f","first_seen":"2023-04-05T13:41:14Z","last_seen":"2025-04-06T16:07:02.012143Z","times_seen":3258,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/popper.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.646Z","timestamp":1704864366646,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/popper.min.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 05 Mar 2021 16:34:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60425db0-520c\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=INQ9NwVLDuc%2FcS0WUUos1Cq2sDj8%2FsiqanF0EkMZVIr9LJQPHh8THZkk%2F4oiKifwJq%2FgE0TQgpduMts4yfLyKe5MSQ16LvX2RJnHvfaz1Z%2FdeF5VwxI5OS%2B2%2BYMBB2jwmKkZstdCgLu9F2Uswsw%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378305691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21004,"size_decoded":21004,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (20831)","md5":"56456db9d72a4b380ed3cb63095e6022","sha1":"6dbce88aee15b42f29083df7a07513cf3b486ba0","sha256":"66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2","sha512":"e56bd96b837b26add354d0a9e2b8dc04c95cea94f7959ee05718ed23a224296fae22d49afab160b45963bd99c2c501a3f12517e431eb68a13a327ff8b262b50a","ssdeep":"384:kmQkLrwVOyzirVyKnxRsIB9Db5HjiWn8xHOxvRVgD75zBY5vImg3FzGpL9ARdOgS:vLsgyziJp3Db5OxHOxvYD73Y5vQzyL9p","tlshash":"1992b4cc3294b06643a791a7a0af960fb2339875610e9410f19df2d97c30ef9a13bc79","first_seen":"2023-03-07T01:06:27Z","last_seen":"2026-04-04T17:30:40.252321Z","times_seen":16264,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/static_new/js/common.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.664Z","timestamp":1704864366664,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /static_new/js/common.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 06 Nov 2022 20:24:30 GMT\r\nvary: Accept-Encoding\r\netag: W/\"636817fe-a32\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=eYkR9PnjizOYPAfCcOJ5E9a8nFV4VJCA%2BOJjIukz5ES0KpwT2qvnQ1HMLxVYJNzddP9nkWEVIy9VshKIpSwMwtBBMJLS4Bncf0FUoHlyIm2dZ9helV%2FAHiG%2BkPnLVzWE4ydxXJS5CtqEF6jLNwI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d388445691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2610,"size_decoded":2610,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2737), with no line terminators","md5":"47da7e76ce9452fee91c87417c13fb38","sha1":"286af070ababfdfc497b609fb2ec05560f90d785","sha256":"0d96d9dc5de250b868903260e201d6d8cfd63c8da748828b2f46fbb59cbc205d","sha512":"e83582d33fd7b92047908141393e4fe2428282865e85ca52a548e38fbed10f1d9fb33f14496a68553c1df4edcf4ae2f325535f679c8452ae1244211c91dfe8fd","ssdeep":"","tlshash":"1351751eed6872330a2af23b096fd144f02b644fdb0e86117f4d9984c7a151ed97ea4b","first_seen":"2023-08-09T06:39:27Z","last_seen":"2024-08-21T09:43:41.332666Z","times_seen":1429,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.211.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.921Z","timestamp":1704864366921,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:49 GMT","end":"Mon, 12 Feb 2024 08:08:48 GMT"},"fingerprint":{"sha1":"5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1","sha256":"80:CC:7B:86:3B:74:87:87:51:57:4E:D5:46:B4:9E:75:8C:D9:BA:D5:3D:29:B0:19:02:4F:62:61:AA:42:DF:C9"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1704864340.eurotesting72.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15860\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 08 Jan 2024 19:43:02 GMT\r\nexpires: Tue, 07 Jan 2025 19:43:02 GMT\r\ncache-control: public, max-age=31536000\r\nage: 121384\r\nlast-modified: Wed, 11 May 2022 19:24:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15860,"size_decoded":15860,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15860, version 1.0","md5":"e9f5aaf547f165386cd313b995dddd8e","sha1":"acdef5603c2387b0e5bffd744b679a24a8bc1968","sha256":"f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860","sha512":"2a71edb5490f286642a874d52a1969f54282bc43cb24e8d5a297e13b320321fb7b7af5524eac609cf5f95ee08d5e4ec5803e2a3c8d13c09f6cc38713c665d0ce","ssdeep":"384:S7qmPTF4N21t//YW2FS6+1XxrsbGmjlAbvqMmtCN:S621tHY4xwbGmjloSM7N","tlshash":"1a62d0058ba5850bf5b907fb0e1ab7ee30664b523c8c42278348073970db47a6b2b1fd","first_seen":"2023-04-05T14:47:55Z","last_seen":"2026-04-04T18:18:04.210722Z","times_seen":89825,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":44,"dns":8,"connect":7,"send":0,"wait":18,"receive":70,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/public/js/layer_mobile/need/layer.css","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.657Z","timestamp":1704864366657,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /public/js/layer_mobile/need/layer.css HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 10 Dec 2019 03:14:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5def0da6-148c\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=LuzqVbpObJUAI6q1tAJ6rFZrQ5eMSzLEY0%2Fp2zjOSRD54%2BAJYHTvUyN3FABPJiJjJgmwnFQG6neyLrnyu5%2BAnxIL8RTyl4QxVIuTd811YNXTe3MY5mI%2BRfjbMRlxBSD6p%2BMOeFXNflFGmNynpVM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378355691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5260,"size_decoded":5260,"mime_type":"text/css","magic":"ASCII text, with very long lines (5260), with no line terminators","md5":"633915e62d14a714594b95b974ee0836","sha1":"e11ebb64a70272c4f35b92fea064f27c4b87efad","sha256":"eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6","sha512":"3a0f469c32521c0fe51838b099650f055410cbdabf64659856e009c8d5e1f3a32fed568832282a92892f1398c8557fe1f64a6a34881f711ecd55b41b054d243a","ssdeep":"96:tJA7fs72Cyf26B6ZtbXBh+Bcw0iZRfcSNHIFSf:J72b5YZtbXucwlrESNoa","tlshash":"9cb1c796989303e8b027c51796dc5efe70388d43915209aef157382fc74bdd9b1b260b","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-04-03T23:58:06.911773Z","times_seen":4955,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.211.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.880Z","timestamp":1704864366880,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:49 GMT","end":"Mon, 12 Feb 2024 08:08:48 GMT"},"fingerprint":{"sha1":"5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1","sha256":"80:CC:7B:86:3B:74:87:87:51:57:4E:D5:46:B4:9E:75:8C:D9:BA:D5:3D:29:B0:19:02:4F:62:61:AA:42:DF:C9"}}},"request":{"raw":"GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1704864340.eurotesting72.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15744\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 06 Jan 2024 00:53:44 GMT\r\nexpires: Sun, 05 Jan 2025 00:53:44 GMT\r\ncache-control: public, max-age=31536000\r\nage: 361942\r\nlast-modified: Wed, 11 May 2022 19:24:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15744,"size_decoded":15744,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15744, version 1.0","md5":"15d9f621c3bd1599f0169dcf0bd5e63e","sha1":"7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52","sha256":"f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615","sha512":"d35a47162fc160cd5f806c3bb7feb50ec96fdfc81753660ead22ef33f89be6b1bfd63d1135f6b479d35c2e9d30f2360ffc8819efca672270e230635bcb206c82","ssdeep":"384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/","tlshash":"8162e00158a163ade9b2327ed10b1b91c40660a27d2504e8c6e4fc95fe3d7ed5487b76","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-04-04T18:40:26.651835Z","times_seen":158443,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":83,"dns":0,"connect":7,"send":0,"wait":8,"receive":3,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/index","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-10T05:25:59.943Z","timestamp":1704864359943,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /index HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Wed, 10 Jan 2024 05:26:03 GMT\r\ncontent-type: text/html; charset=utf-8\r\nset-cookie: think_var=en_us; expires=Wed, 10-Jan-2024 05:56:02 GMT; Max-Age=1800; path=/; HttpOnly\ns9851347b=cml0frhbh8a1kuotcgcf3k2m65; path=/; HttpOnly\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-cache,must-revalidate\r\nlocation: /index/user/login/1704864362.html\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=RI8N4gkhwMQO24gfNHlpaqssi35x4jZmYkUbB5MQpk3Es7DvoORFZik9PbhDQhjI3fsEZT7o%2FHNE6Plx%2FbM%2FojJqdC8sseg%2BRh5NBw1bLrPJWuPlF18LXvn1k%2Ft1BqI%2BGG6wGMzdKul6NvyzRaU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280a9e9e2b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":12389,"size_decoded":12389,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":3409,"timings":{"blocked":15,"dns":0,"connect":1,"send":0,"wait":3380,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/swiper/swiper-bundle.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.649Z","timestamp":1704864366649,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/swiper/swiper-bundle.min.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 05 Mar 2021 16:40:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60425ee4-222b9\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=cxz23%2BX54S8a07XO96JHNJ9cC5%2B1jM9RbqJT1Pb%2FSeUK8R2JjBxIsymeR67upaGWdeCYvri63nBWvwyIFLgCuhODG8sxEjOzvy2qzaKPYgWKsnyga2irYH4ZEH7l%2BtwskUFBhG%2BuVym5HnrLKsE%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378325691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":139961,"size_decoded":139961,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65278)","md5":"c4358cb63a4b96c5d71a2fb630871f30","sha1":"be3b7d9d5bbd680d035f768345778d84eb08fe23","sha256":"c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229","sha512":"35a85c90dfa0ac1e9f4b1bb7bd074a8b20baf6cc235bafb16148da3d55931ad46e89af33508970da09208e166601df250040841d5dc7742b9d6ab9c065a5a467","ssdeep":"3072:U79yoiRfIBB4G+yMwoSpADH79cVOJjBqcxN:k9ytlByMwoSpADH79cVOJjBqcL","tlshash":"9dd3188db354b2e151e72256539ed10263b65845b80ac1a470b68cd7acbde8c03bfefd","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-04-04T17:41:27.211604Z","times_seen":3817,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/bootstrap/css/bootstrap.min.css","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.619Z","timestamp":1704864366619,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 06 Mar 2021 03:08:24 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6042f228-27681\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=SXnOKJVpL1B1driuHYfJ4p46THoV%2Bx17C3RmHYIbmngrNsdp7YcTRYMLbWf%2B2tCU4%2FSdWQBCPzEf1wcZhaHKmWe2VKI0txKzNTvdIys2JgMboeNN0%2BQmwe5DEkpOq4Zo%2FX6W09Fgi%2FIKmhG1%2FWo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d3581e5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":161409,"size_decoded":161409,"mime_type":"text/css","magic":"ASCII text, with very long lines (65326)","md5":"d432e4222814b62dd30c9513dcc29440","sha1":"2cac4afc120983921411296bd4e8fd8a94ba237e","sha256":"4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601","sha512":"3f9320327d6304dd356ac060534cfad10938431897a3cebec2515a84aaec41fdfb73d72ba39d7b5b35523cf575b432b3864bb6889d855602faef01b4dd21a734","ssdeep":"1536:iC7AIJkTR+rMqFVD2DEBi8yNcuSElAz/uJpq3SYiLENM6HN26R:d7XXGLq3SYiLENM6HN26R","tlshash":"8cf353a6f5a0312de4a7c61964d0bafd152f8245d7224bfbf8273b6447892c70a73e4c","first_seen":"2023-04-05T05:11:52Z","last_seen":"2026-04-04T16:30:31.8045Z","times_seen":11797,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/style.css?v=V1.24","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.622Z","timestamp":1704864366622,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/style.css?v=V1.24 HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 07 Sep 2022 15:17:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6318b610-1eb6e\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=tFuP5t%2F0%2FM69YA%2F07%2FaqxQeRH7hJmHrwfxgNLUSd48F8gMSUfVx3BngGWpaIg6SuFH49IJ7Fl%2B%2Fy9P08S%2FR4vHc3Eyrd3ZQA7sUmSYgerdDnUoMHemU3ChfgZmIZvSn%2B7NDyDYlBHn0CXMmE884%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d358205691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":125806,"size_decoded":125806,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/public/js/layer_mobile/layer.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.659Z","timestamp":1704864366659,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /public/js/layer_mobile/layer.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Dec 2019 03:14:46 GMT\r\nvary: Accept-Encoding\r\netag: W/\"5def0da6-ce8\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=75YGlaKzkm8ZRwLYPLhlMK3yBZQFQwCBQNT1wMvGtjNqDhOkU15B5jdfk07eVg%2BgYsXDN2lVAgEkKUnge6Ay5GLKrG3NRi4zqTjpBz1O3qPR%2FYSM4VJlRYpbeiMS%2FfIhCpVEzBJm9%2BVPAa4LWYU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378375691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3304,"size_decoded":3304,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (3435), with no line terminators","md5":"13fd3d5b0fb763160395abbad25d8e57","sha1":"6bc56d44091c873f6b5496ef8be2ed9f36e5220b","sha256":"f1757725deb30f2928f10e427b253f153b0466a60a1c399e9f6bb6cbf5908941","sha512":"1cf9caadb34021fc390c9e13b83336d334de4e635057f0bdb1d9ef15955fe96849e82ba5a7581cfcee911db9a92498d92a830551f550eb3758e2c6346ecad73f","ssdeep":"","tlshash":"0e61c7abf005b23756132085a17f282fb63b6471a5058860d0e2e0be99fddac6837f5d","first_seen":"2023-04-07T00:16:00Z","last_seen":"2025-04-05T12:50:42.269296Z","times_seen":2307,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/imgy/BG-01.png","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.876Z","timestamp":1704864366876,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /imgy/BG-01.png HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 26585\r\nlast-modified: Sun, 13 Nov 2022 09:55:20 GMT\r\netag: \"6370bf08-67d9\"\r\nexpires: Fri, 09 Feb 2024 05:26:01 GMT\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nage: 5\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FFxC3f4q8V8JFa7NXdNch6R2EEovS%2Bs4dSDnnbyOQ7KxpCB8cr%2FBQCnBugPZa%2Fd7H99UO9aY6Is8OAZshjmLHCjqvsro22GouORKUAA7qU8rTOAFvGMTjb12rkEuOR%2B5sf2IE9neTH65uIQzx7A%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d529355691-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26585,"size_decoded":26585,"mime_type":"image/png","magic":"PNG image data, 800 x 900, 8-bit/color RGBA, non-interlaced","md5":"32e5a811d97ee090735b1b91c0504da8","sha1":"eaeafca8c27de39c0445155e2098a45c9710d6e4","sha256":"b4a732b2cfdf0b07576b5fafca34c485db75c90f3c466f54987f62c361c21082","sha512":"c70f06ff26e172e2b2523616af42c46d82838a9fa1519115a3e7aaa11eb070e101c4e24f84c567464147d3e8b38f98251378b61b7cc1f9b9a51d17d7ac565a6d","ssdeep":"384:m7CqOZwlceEU6AA7z/BWjYiGE//QC1toY+fsggn6FQcpgIOaWX7E:jVZwlSAA7TEjYiGbfjgnszpg9ZI","tlshash":"74c21999c91f4832ca10c5f07f56472f79bb2b68c63653161b77b1a826acec5fb03a05","first_seen":"2023-05-22T20:55:19Z","last_seen":"2024-10-04T11:10:52.656192Z","times_seen":1861,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/favicon.ico","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:07.069Z","timestamp":1704864367069,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 10 Jan 2024 05:26:07 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 2\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=26fYHFBizTYfgs%2FJXv1fhPGLegOsWZ6DV4%2BPyeIV4DALs8gwi7jP6tm41TaTMpvBuE3dabL1BoFRuqDUTeG4ukEWevChwOjDf0H0QfyWV645N3xG%2BtqOVUFPBdSAMb8Gfv09thDXFbnvc%2FProz8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d659c25691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":24969,"size_decoded":24969,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/icon?family=Material+Icons","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.615Z","timestamp":1704864366615,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:50 GMT","end":"Mon, 12 Feb 2024 08:08:49 GMT"},"fingerprint":{"sha1":"10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC","sha256":"BC:5E:71:C1:5A:A5:DD:67:BF:ED:14:DB:1C:4E:F2:8E:5E:BE:D7:9A:F9:1F:7A:64:C7:3C:9B:ED:83:B2:8C:95"}}},"request":{"raw":"GET /icon?family=Material+Icons HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 10 Jan 2024 05:26:06 GMT\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":565,"size_decoded":565,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (588), with no line terminators","md5":"bdcf60bde5544e1017e1f2e60888a9c7","sha1":"6fb24309b7ff90c1c99d19c0c7a127a16508840e","sha256":"d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952","sha512":"6f5e7bfa0f258ba27a9333e2f94fc571a8a081cc9bdeba6cbc113cafac97736490572c5d9a55619dd8017d07c4e997cfe09e1d936399e37464f5fed27765ed39","ssdeep":"","tlshash":"32f0eb29fe06984451220f923bcf37210d0f2a1fa43684ba4b510e5f4cfb0b6038a30e","first_seen":"2023-04-05T02:48:12Z","last_seen":"2024-08-21T09:44:09.510513Z","times_seen":6263,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":26,"dns":0,"connect":7,"send":0,"wait":32,"receive":1,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/swiper/swiper-bundle.min.css","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.621Z","timestamp":1704864366621,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/swiper/swiper-bundle.min.css HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 05 Mar 2021 16:40:04 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60425ee4-3661\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=XM%2FX2LMosI8y4MVBGTRWV9erI86OKOyyj4iOQ9A2PEvWiUJlatYZKcRw0CTf2chKBAatDb8lfN6CUs2zPEJ8iWFIMdSoU%2FKZB%2B8PVuo08q8dpExZAiOa%2BaSkGqS0%2F0QWMpod%2BeSxVH4UlWZoM%2Bk%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d3581f5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13921,"size_decoded":13921,"mime_type":"text/css","magic":"ASCII text, with very long lines (13663)","md5":"4d0619d7577a990881a0079718c5c92e","sha1":"02553ae8ed1026ae5e1fe6cc5883fd42379e5e68","sha256":"f9a55bcc80d6d8b2815299c5501cddaa8e5f3f697cdb8f5ce1e3e924097117ba","sha512":"b80d7e90703fd0eebc15348ce23793cc936746f356c5d0824a713782ff0b6b2497631413de7739b8f5fd6ee30fb48d60c5405cc66d3ee4b730e7d8e39749cc0d","ssdeep":"384:FlUbeo7zOqgx9BU0m/XCQif65W/1mXA82FH8x:F6br7zOlbhm/X5if65W/1mXA82FQ","tlshash":"8b52236417003837f3774f6e4aa1e6b59f60cc838a934d9db2c0dd44d6fa8b9122eb95","first_seen":"2023-04-07T00:16:00Z","last_seen":"2026-04-04T17:50:38.63012Z","times_seen":3458,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/css/app.css","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.625Z","timestamp":1704864366625,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /css/app.css HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 18 Oct 2022 13:16:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634ea742-5ea3\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=XTRC8MY0bDejcrytEzzYiN%2Br%2F8qRRuTGfjHwz6w5Or8scABtd5ddXbSQ9KmngaLK88TV4mxhQkgcSIk7mDtNoan6ZodM3cHA423%2FJOasF8YN9f5cTmChEV6TBu76uD7Ahpn1ShmabQJpQMSv388%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d358235691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24227,"size_decoded":24227,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T18:47:00.89111Z","times_seen":13342615,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/main.js?v=V1.24","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.666Z","timestamp":1704864366666,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/main.js?v=V1.24 HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 05 Mar 2021 16:35:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60425dc6-27c0\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=RLNE0rkMU%2FRXwrZzKuHWdL75Pu2YuSuvBJksDxxryAipksW7NcGdZ8ZYn6dZ12NtMFSKkh9Ih5tRTnseGQuiPSKlha9fa4HD%2By93L5IqVK0v85setze926xZkPTzxSQUheBE%2FdvRASYxkUN2%2Ffc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d388455691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10176,"size_decoded":10176,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"b90b1e7f3effbe0945d51be2591e957a","sha1":"eb699dc823c7297a91317b3d97fde455caa52782","sha256":"f5733054b0df915644a10c7c7bf9f4029dec903183464d982d2af0aab3336412","sha512":"8a9ec4b385beef0c20620fd71b7c2447363e5ae82e649937871ef03c8cc77b5aec4cba0e6669463fd447518815b418839d2656bd4558d452815d31296043ffb4","ssdeep":"96:dE653W3esRZ+Q4I1Jo1AhCubdCmWWaN4rM9258nSjJyT4eTvhP4Voed0r/PLUlA:D53W3TZ+dQCuIvdNjA5jP70/Tr","tlshash":"4c2244587011506645bf373baebf928cfb3a022b92069a127d7c55d45f306b86272eec","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-03-28T09:31:23.227563Z","times_seen":2080,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/jquery-3.3.1.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.911Z","timestamp":1704864366911,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/jquery-3.3.1.min.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 05 Mar 2021 16:34:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60425d9e-1538f\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=LLj3obbbEHdwhmIdJlZf%2FxxOaQVCzuKtuWHYXl5SzpnHKneJy1w8cuSoXC%2FeW9SoHcD%2FBegWIpFlSWBRibMPS%2FMl8vpGOdcx%2FdgaZZ50GU6oi2AnYIUYaSI9dHKT93kwVTHhhb3PtYb48jOsg9k%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d5595a5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":86927,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-04T18:34:08.505008Z","times_seen":118228,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/jquery-3.3.1.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.639Z","timestamp":1704864366639,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/jquery-3.3.1.min.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 05 Mar 2021 16:34:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60425d9e-1538f\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=%2FbzSlPSbv6LOlFcRdK5PYP%2FX9JE2BJdqYG7RqnbyQRtWWj%2FJFOppYJXwa1q90DLMdLECzMDazqyg3VMUfq4TZGECjnpew3O9uGx5JlkPpdOWbkBQVC2PtVtR87KkJJuaN35HalrhZUXp%2B%2FgUvAo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d3782b5691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86927,"size_decoded":86927,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-04T18:34:08.505008Z","times_seen":118228,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"1704864340.eurotesting72.cc/red/bootstrap/js/bootstrap.min.js","fqdn":"1704864340.eurotesting72.cc","domain":"eurotesting72.cc","tld":"cc"},"ip":{"addr":"104.21.16.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.647Z","timestamp":1704864366647,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"eurotesting72.cc","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 17 Dec 2023 08:41:42 GMT","end":"Sat, 16 Mar 2024 08:41:41 GMT"},"fingerprint":{"sha1":"7A:E6:E1:FB:A6:21:9F:12:7D:A9:3F:5E:03:14:73:51:13:91:33:1B","sha256":"02:6A:4D:AE:CB:20:91:AB:1C:8E:7C:E6:4E:34:C0:D1:5C:7F:84:C1:05:09:75:C3:97:C9:E5:6C:B8:2D:70:49"}}},"request":{"raw":"GET /red/bootstrap/js/bootstrap.min.js HTTP/1.1\r\nHost: 1704864340.eurotesting72.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://1704864340.eurotesting72.cc/index/user/login/1704864362.html\r\nCookie: think_var=en_us; s9851347b=cml0frhbh8a1kuotcgcf3k2m65\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 05:26:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sat, 06 Mar 2021 03:08:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6042f232-f7eb\"\r\nexpires: Wed, 10 Jan 2024 17:26:00 GMT\r\ncache-control: max-age=43200\r\ncf-cache-status: HIT\r\nage: 6\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=LD%2B7P2lZueKreUiLqcTibkZpryDPMUDDd8ACIZvy6%2BtXR87CAeUVOuRgM8Xw5Y1%2BUKixPQlxhpsEfaEuf3%2FQc5AKu4Ac%2BeRAfYv9jBViuAamuHdaX%2F5jVM7Ft5c4C7ArdVQhl%2BEtvWBYVE2oVM8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=86400; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 843280d378315691-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":63467,"size_decoded":63467,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (63188)","md5":"f0c2bcf5ef0c4476508d79ec9cdcce07","sha1":"3beed68ed7d753c6bf4f61c26386ddd7929ba030","sha256":"edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba","sha512":"5ca6bd1de99dcb5522dca486809760332625520d6033e4212fa7279724dedaaccc0989b89c06753ec55ead0cd34d7ce89d447e766b301ea8093eec02ab531a02","ssdeep":"768:0KD1OYYUhTVvO1Nn6u7MTLOarIkSsBAiAH0FcQ2K8FXsb6mH/3bz5vhCG:0G1T145KVdsXc/hhCG","tlshash":"a453750672a4f472059fa176803b0a0bb7362c9de506b16cbad998dd1f7cd443267f3a","first_seen":"2023-03-07T01:03:47Z","last_seen":"2026-04-04T12:37:47.239216Z","times_seen":9322,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Salesforce","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Salesforce phishing","tags":["salesforce","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.211.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://1704864340.eurotesting72.cc/index/user/login/1704864362.html","date":"2024-01-10T05:26:06.925Z","timestamp":1704864366925,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 20 Nov 2023 08:08:49 GMT","end":"Mon, 12 Feb 2024 08:08:48 GMT"},"fingerprint":{"sha1":"5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1","sha256":"80:CC:7B:86:3B:74:87:87:51:57:4E:D5:46:B4:9E:75:8C:D9:BA:D5:3D:29:B0:19:02:4F:62:61:AA:42:DF:C9"}}},"request":{"raw":"GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://1704864340.eurotesting72.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15920\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 08 Jan 2024 18:43:48 GMT\r\nexpires: Tue, 07 Jan 2025 18:43:48 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 11 May 2022 19:24:45 GMT\r\ncontent-type: font/woff2\r\nage: 124938\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15920,"size_decoded":15920,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15920, version 1.0","md5":"3a44e06eb954b96aa043227f3534189d","sha1":"23cef6993ddb2b2979e8e7647fc3763694e2ba7d","sha256":"b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e","sha512":"fab970b250dd88064730bd2603c530f3503abb0af4e4095786877f9660a159bf4ad98c5abea2e95eb39ae8c13417736b5772fcb9f87941ff5e0f383cb172997f","ssdeep":"384:sShqOXQlaSchOwK0uFvRqq3xR/xb5OY3aU/lHS9WE2YeK1os:sShJKaScJK0uFvRvxb5OY3aU/lHkmK","tlshash":"cc62cf5c6a901684c67c29b63b6d616be9a1cd50c2ab73904fdba317d30d3a1e0298fd","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-04-04T18:18:04.181108Z","times_seen":63899,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":40,"dns":1,"connect":7,"send":0,"wait":10,"receive":7,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}