{"report_id":"f9787b47-9d8f-44a0-82fe-74ed8b9ef625","version":6,"status":"done","tags":["phishing","microsoft","outlook"],"date":"2024-01-10T14:39:56Z","url":{"schema":"http","addr":"hei-om.com/content/images/cgi/content/images/463/zvo/Y2FyZXlAdHVybmJ1bGx3aW5lcy5jb20=","fqdn":"hei-om.com","domain":"hei-om.com","tld":"com"},"ip":{"addr":"132.148.17.97","port":0,"asn":26496,"as":"AS-26496-GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"07r.qtwrekg.ru/##carey@turnbullwines.com","fqdn":"07r.qtwrekg.ru","domain":"qtwrekg.ru","tld":"ru"},"title":"oTQqAIxWAAKqki"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T04:22:44Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"hei-om.com","ip":{"addr":"132.148.17.97","port":0,"asn":26496,"as":"AS-26496-GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"domain_registered":"2017-11-22","domain_rank":0,"first_seen":"2020-07-29 21:19:56","last_seen":"2024-01-10 12:46:03","alert_count":1,"request_count":1,"received_data":372,"sent_data":551,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2024-01-09 18:12:29","alert_count":0,"request_count":1,"received_data":26137,"sent_data":462,"comment":"","tags":null,"fingerprints":null},{"fqdn":"challenges.cloudflare.com","ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":0,"first_seen":"2021-10-20 07:02:03","last_seen":"2024-01-10 09:54:38","alert_count":0,"request_count":9,"received_data":442657,"sent_data":5643,"comment":"","tags":null,"fingerprints":null},{"fqdn":"07r.qtwrekg.ru","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2023-12-25","domain_rank":0,"first_seen":"2023-12-28 01:12:00","last_seen":"2023-12-28 01:12:00","alert_count":2,"request_count":2,"received_data":7806,"sent_data":994,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"542fb81309c7de502e0ade3ab932da93","sha1":"f863b30272941a38573829161150ed96165f95a0","sha256":"2a6fb362a5a2a577a195d69023db9154523ddfcccae78ea15613a2d345ef1a07","sha512":"7c1fcfe5cf7768a70dfbb954d9896f8ab6e8c5977b347e6cb9921b8cd7db958c48e2cc31b4cb8f91bfb8d2718f989d4a4222a38cafa5aa5df33100e9bee6a685","ssdeep":"","tlshash":"ad014c6f7018b8319032181a3707f78abb3b612156e73483a56d8958f0319fb82fad88","size":703,"data":"","first_seen":"2024-08-20T12:43:03.374069Z","last_seen":"2024-08-20T12:43:03.374069Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"dac4e08933c21fb97f3fdd0b4beabe09","sha1":"e0f08fe157988d234a9c79a189f325a46168e53e","sha256":"8ecb07dd237dbffb05df8af559d1a9c2682183a16f56687cb2314cf17c2aaab7","sha512":"ddcf399a46d8d93b3b69cf20d9d479e449d7e949b38fe42c36bc7d2060d5690bb269c843272a6f77120b6abbaa068413bf99aeb5fb675428f82c3e7114355d54","ssdeep":"","tlshash":"f2e07d29360062f0270ebd5870cbc8e48830d73d488ff061444654841c7abeb72ae7fd","size":314,"data":"","first_seen":"2024-08-20T12:43:03.375002Z","last_seen":"2024-08-20T12:43:03.375002Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c862db5f2555377c2dc1e62ed7b3981","sha1":"c29e6dc25c08a70995127ec13ded6f80d9a36174","sha256":"27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac","sha512":"31143265b96385ef4b575b72591775139057dff85891be61591e3d55259b6d1dc95d86a0feec40c801d38e64278cfbe50c3c2a16757f986ad40f716935bf2bb2","ssdeep":"","tlshash":"0c8000ac38802000803328e8002fa8aaa020083030800e022a02e8888cb222c822a8ae","size":26,"data":"","first_seen":"2023-04-11T21:13:06Z","last_seen":"2026-04-04T09:46:04.425544Z","times_seen":264654,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"data","addr":"data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImZNRkdNdmNNcUJKU21CV29kYmNxSXMiKS5nZXRBdHRyaWJ1dGUoInV2cU54VEF3SEJkRXVoTGRwUkRSTkFtS0FyRCIpKSkpKTtMeElraUlKR2ZlU0k9IkFubERRZXNndHVIYlRLQ2l5UEZjdkoiOw==","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3dd9050602278f36a3a6073fa727d86","sha1":"de20a7a0385e7f6ed42ef06c92200d203de60a82","sha256":"f92462542f57f06eb0f71e6ed80ddcc141676e08911aa1b6593ec8da4d9017f3","sha512":"7742fe0646379f3a82091a27167ccbe0124103ebc41959c2d19d63a07854dbbd1cd44d5db612d77742c8f43e41e8e054e429bb18460edbfb51887702add0b0ca","ssdeep":"","tlshash":"bfc022766225f2b618690afa9a3ce6e64a98b422ec2f280438df18888498d3344b0471","size":181,"data":"","first_seen":"2024-08-20T12:43:03.376652Z","last_seen":"2024-08-20T12:43:03.376652Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"javascriptURL","is_inline":false,"md5":"69165ebff8690c39998558705627e927","sha1":"b86888593992fa44c3d1fe1c665367cb214e5416","sha256":"0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e","sha512":"5ba1e5e8c8d56c3f9e73156c711a2a9e69dc86f53f47ce07bd59f79e9f8190e0a63a46c05270582b3afdc144f98d15622a902864c5635409e682c317640a2371","ssdeep":"","tlshash":"0750000030c00000003000000c33c030000000000000000000003c003000f00000c030","size":8,"data":"","first_seen":"2023-04-10T23:38:56Z","last_seen":"2026-04-04T08:03:49.146109Z","times_seen":13736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"99dd2e64e7ba345a3b2f7d34c465258a","sha1":"ee3bc947d6f6828ae4df6bf14a77e4c7cc62a310","sha256":"850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef","sha512":"71fcfbee1cb8d0887fb72b0b3d70c75eb94f80f005a35db046a7eb74ce6b20807648e2d3465f129bcf81a0b57bcab866425fddd3a011e075a141ade765d3f7fd","ssdeep":"768:oYfClijjk2CqEit11AWGgks1+cD6lf3KQJrsaoBYvRdXxMyymCwMftGwMkZ:o0ft11AWGgks1+c2l7rsauZ","tlshash":"25f2189d3287397187ee01e0207ba74373397a3ae98ccc50d856cc7525acd99d236fa9","size":35312,"data":"","first_seen":"2024-01-05T16:53:14Z","last_seen":"2024-08-20T13:50:34.734334Z","times_seen":13793,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4b34abd2d7828c6cfac83afaed98f3bb","sha1":"9ddee2b015101f6f8aafd48effc5b29838cff6be","sha256":"2025fb3c210537f526ae3fb26809ee8f4f8c9d45bbfccfec843d68370f618d26","sha512":"119741ef9432a20ddf31240cadb67dbdd59f3b15d485b29ab0c9c773374537863cb5c7f74adf1f5a9cb83d4d36271dafaab3bf27f434062715599b61044e88df","ssdeep":"","tlshash":"b661eaf9ccfe065a531a6215130fa6422961024b5c8cb8f87eddc54a9f2c4af11f43d9","size":3268,"data":"","first_seen":"2024-08-20T12:43:03.378004Z","last_seen":"2024-08-20T12:43:03.378004Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8435ab84ece60b61","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"95625e57903d728187195e794a8681ac","sha1":"3fc1793721d7e61b70e44c2512db38ecf3fd02fa","sha256":"5e0947a33acfacaf3bda3b9ca2b2268cc3fdb4271eeccaaf2c48a77eb807bb92","sha512":"293e3ea99415a88063702f07a8c8f8688687c416e469927639a625868998146de2aa897069ecbd0dfd35e5839d6315cdedde686deb50f9c76510bfbb200c3aea","ssdeep":"3072:RllCJosmyT2+nzYKmqjeLFHrWD45xws+5u8cdA7B70bCN7ZZ:Rl1yT2+nzYKmqjeLFLrAu8NB7ICtZZ","tlshash":"e10484cc778abd9935233d7870272212709b5d486c3c0dddfa01b1d529fa31a92d7aae","size":175284,"data":"","first_seen":"2024-08-20T12:42:57.142151Z","last_seen":"2024-08-20T12:43:03.367163Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"9e925e9341b490bfd3b4c4ca3b0c1ef2","sha1":"c2543fff3bfa6f144c2f06a7de6cd10c0b650cae","sha256":"1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408","sha512":"1f4be9bd3c61e621ef43bb2e0a2d7836786f730e4e0e6aa546899bceab0571904dfc6efc94c1324b1a22ae446f0a995b533054b1dbd09d0cda03e0985786d59a","ssdeep":"","tlshash":"2a30000000000003000c00000000000000000000000000000000000000000000000000","size":4,"data":"","first_seen":"2023-03-07T01:03:43Z","last_seen":"2026-04-04T09:40:40.357893Z","times_seen":665965,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"bb99d2cd3b9c18d89e36fe13a531c054","sha1":"e59912f41c652d3775deccc0a3b00c56505337c5","sha256":"6f825d63e9c9b6816a8c3d9b9f955f137ac4b47e3fe6916076df3b77c6ec7752","sha512":"f3528731bc663b0a705107ba45541cd7c18bc6c8ba62ae5c782b0c91de1dff074c47a8a0ec7cabd75fe197f692bf63e2fc21c25a9d3824c2e73c7c8ce4460a96","ssdeep":"","tlshash":"0e71f099fb5a28212033dec76253d316baf64125c5d5dc1122ef8a7c26d8cd3b3a6cc4","size":3553,"data":"","first_seen":"2024-08-20T12:43:03.379907Z","last_seen":"2024-08-20T12:43:03.379907Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","size":39,"data":"","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-04T09:40:54.669028Z","times_seen":746380,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8db03ad371bd760566781617d871813b","sha1":"d51ef39470608dec1404e384587f866bc7bef128","sha256":"124a05b6b681164ce665901fa3c468efa6227d2389bcb523f5b0aff19464fd2d","sha512":"d10966ef09c378866059f01ec2585fae2d4c4cdeda0ac696161da1bc1f81c3aa7ba392961cd5410fd94a6f174d338cae93e36a422f561751ed13fc8be3777d7e","ssdeep":"","tlshash":"3a71d060acf3508185cbd30cbbe0ed861be0b1a3919a5656bb4c874ec7857ec8957f02","size":3574,"data":"","first_seen":"2024-01-05T16:53:14Z","last_seen":"2024-08-20T13:50:34.752133Z","times_seen":9912,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"http","addr":"hei-om.com/content/images/cgi/content/images/463/zvo/Y2FyZXlAdHVybmJ1bGx3aW5lcy5jb20=","fqdn":"hei-om.com","domain":"hei-om.com","tld":"com"},"ip":{"addr":"132.148.17.97","port":0,"asn":26496,"as":"AS-26496-GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-01-10T14:39:30.74100442Z","timestamp":1704897570741,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /content/images/cgi/content/images/463/zvo/Y2FyZXlAdHVybmJ1bGx3aW5lcy5jb20= HTTP/1.1\r\nHost: hei-om.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 10 Jan 2024 14:39:30 GMT\r\nServer: Apache\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding,User-Agent\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nTransfer-Encoding: chunked\r\nContent-Type: text/html; charset=UTF-8\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":120,"size_decoded":114,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"229e7a8f9295806a98b1e9c604258b8a","sha1":"c6e890bcfc7b2db546d975e7365e67a4766e6e42","sha256":"558a1b0d6752b22e6513b7a73c423ce9c5b54ad739904ef734d6d93c65091800","sha512":"10c4f124d900ca55fbe5c81b2e7f65b8088d022e577f03cf740a5a7f9e3050ebe5c3e18fd636a1285092ff347dbc7dbd2c5c3b7d760028fd75765da5acd7450b","ssdeep":"","tlshash":"a1b09b460c8a844449514068d061b669965682994508d5d691a0c13556447db8d4e546","first_seen":"2024-08-20T12:43:00.547757Z","last_seen":"2024-08-20T12:43:03.360455Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://07r.qtwrekg.ru/##carey@turnbullwines.com","date":"2024-01-10T14:39:32.436Z","timestamp":1704897572436,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.0.2\r\nx-jsd-version-type: version\r\netag: W/\"260c5-fByeBXPlzqi603M74vxjqoxo6o0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\nage: 18420813\r\nx-served-by: cache-fra-eddf8230097-FRA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 25360\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25360,"size_decoded":155845,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"abe91756d18b7cd60871a2f47c1e8192","sha1":"7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d","sha256":"7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b","sha512":"bac54101debafcda5535f0607b5f60c2cda3e896629e771ad76ac07b697e77e4242d4f5f886d363b55fc43a85ea48a6bfc460a66f2b1fc8f56b27ba326e3a604","ssdeep":"1536:d0bwW83RipVVsEBpy0cuJcf22RWb5CyVUpz600I4fM:d0bwlyVUpz600I4fM","tlshash":"09e3a3d7f581241dd4a7c259a0d1bffd052f4586e3025babb0277bb88b8a6c70963e4c","first_seen":"2023-04-05T03:16:49Z","last_seen":"2026-04-04T09:00:05.814729Z","times_seen":94482,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":37,"dns":9,"connect":13,"send":0,"wait":13,"receive":4,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://07r.qtwrekg.ru/##carey@turnbullwines.com","date":"2024-01-10T14:39:32.463Z","timestamp":1704897572463,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/b/c8377512/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://07r.qtwrekg.ru/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 8435ab841dbb5685-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35312,"size_decoded":35312,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (35311)","md5":"99dd2e64e7ba345a3b2f7d34c465258a","sha1":"ee3bc947d6f6828ae4df6bf14a77e4c7cc62a310","sha256":"850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef","sha512":"71fcfbee1cb8d0887fb72b0b3d70c75eb94f80f005a35db046a7eb74ce6b20807648e2d3465f129bcf81a0b57bcab866425fddd3a011e075a141ade765d3f7fd","ssdeep":"768:oYfClijjk2CqEit11AWGgks1+cD6lf3KQJrsaoBYvRdXxMyymCwMftGwMkZ:o0ft11AWGgks1+c2l7rsauZ","tlshash":"25f2189d3287397187ee01e0207ba74373397a3ae98ccc50d856cc7525acd99d236fa9","first_seen":"2024-01-05T16:53:14Z","last_seen":"2024-08-20T13:50:34.734334Z","times_seen":13793,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"07r.qtwrekg.ru/favicon.ico","fqdn":"07r.qtwrekg.ru","domain":"qtwrekg.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://07r.qtwrekg.ru/##carey@turnbullwines.com","date":"2024-01-10T14:39:32.587Z","timestamp":1704897572587,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qtwrekg.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 25 Dec 2023 08:43:33 GMT","end":"Sun, 24 Mar 2024 08:43:32 GMT"},"fingerprint":{"sha1":"93:A6:76:25:50:DB:2B:59:63:57:85:7A:61:D6:EA:75:BB:69:D3:72","sha256":"41:5B:98:AE:B1:F7:F9:2B:79:AB:4D:CF:7E:8E:23:39:F3:2E:25:52:5B:B3:F8:79:AC:D0:FD:D2:D4:A1:9E:28"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 07r.qtwrekg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nCookie: PHPSESSID=ah6ir8dq8rtv4tkv07osm94qbp\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: BYPASS\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=WH0dGkYmCp6RnaxDLD6fQURINcMgcfFrBW%2BieLsEU%2FjrTYg%2B3%2FJ1kbb%2FhiL9qXAi%2FrniwfXZhotEQbhnRmy66yAUrdpTtIuUkP6UbVuRVO2R2Ux6F9PFa84LhlpJhn9bmQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8435ab84d80cb505-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1236,"size_decoded":1236,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (1274), with no line terminators","md5":"8c16945397b2ea2fa974494c910f6d08","sha1":"87289c714f1955cc0a4b8d0f5319bf0dcf771141","sha256":"16782bd72a33f1963efb1d59aa17f964a604235a255e51dd4aafe0e0587040c6","sha512":"c57c43f89f7120d957597532db1634c5085a982de4cf3a1e4251a6593af28262362cbb1163a81e47c2a46c0cada341839ac2824e25b94dfbc8c2c116b84f9f90","ssdeep":"","tlshash":"c621423ec1c1920a94171198f7d1b278265ac341db930fb4364d7068f6cd0ee56a3fc4","first_seen":"2023-04-05T04:31:49Z","last_seen":"2025-03-27T15:32:37.859784Z","times_seen":16264,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T14:39:32.687Z","timestamp":1704897572687,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncontent-type: image/png\r\ncache-control: max-age=2629800, public\r\nserver: cloudflare\r\ncf-ray: 8435ab857d5d0b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced","md5":"9246cca8fc3c00f50035f28e9f6b7f7d","sha1":"3aa538440f70873b574f40cd793060f53ec17a5d","sha256":"c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84","sha512":"a2098304d541df4c71cde98e4c4a8fb1746d7eb9677ceba4b19ff522efdd981e484224479fd882809196b854dbc5b129962dba76198d34aaecf7318bd3736c6b","ssdeep":"","tlshash":"a5a002e763957d7bd94b133756651151f8324514171305458805d475161736c81c4a82","first_seen":"2023-08-25T15:09:14Z","last_seen":"2025-05-14T12:12:43.698394Z","times_seen":189286,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1353077170:1704895720:JGDIxLr0iqbIAzp22hpifXde79WN6i5WaGweISpDy6Y/8435ab84ece60b61/7e6907d7fda733c","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T14:39:32.907Z","timestamp":1704897572907,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1353077170:1704895720:JGDIxLr0iqbIAzp22hpifXde79WN6i5WaGweISpDy6Y/8435ab84ece60b61/7e6907d7fda733c HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 7e6907d7fda733c\r\nContent-Length: 2604\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: +DDabrCLInpozOLI0UNKBRAe9NBWhJ6AmURdsvXw+DESs0dfaIHd9pO936Z0PKAX8NY7PHbM9p0c0ysr6phah26GuGnnQaDrQC53IVYKdckAZnilv+jmb8XtKxYdZP2PSZjIZP9sPiqfHcrDxrVoSWG0lpJgyPERX6E5OAtFZEH+gYdrdOw1BuDFKqbOE8kmjCbPrCfiavIBTYsyWNHMoDg3jdvterzgwJZoaIptsuRQXOYJiTF6+PtFA8kmi+tOQhpR/yUYcQ/IcAPbNCc3pHpTo/+HavWeJT1GgpOC/V78Jn63Z0h9eqWrDRWFbHRFPtC+z27vFNFWm3nOFtbrvWa27JyGMOWL3FSJuUpRTBKYKMNyA5zq3uVWzZTQn2vBJ7H275zTHr62jkXDxBSA/2GN07r1fcU7JjZmNglShx4=$XMlCJCitYR3UkmUSRfXGoA==\r\nserver: cloudflare\r\ncf-ray: 8435ab86df5e0b61-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":98856,"size_decoded":98856,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4459ab0480dd1e698144b55954b71c8f","sha1":"3979aa74e3abb901e29ea031991e7565799da568","sha256":"a8f6fb8c72c109bcc661154f1f67a4490f91399cd617149c10c065088d6d6502","sha512":"57416f92493fda2bb3d5a408f2474a71573d3bc418a14de71f26b1d97831cffced4b4a9fba12c49e189b15ed93ae7a3076f02f261685e8db8f9bf45fe555d2be","ssdeep":"1536:8pI977nH2ApMEmDA88Dwdpbe4qTh79VeGFQWy7bLQstySBUYgnvqkFDxPLC9P:8paWApCL8DmxfSBSGFAQstylJnvpxDo","tlshash":"bfa312b5ce40575a3ecf637b022b9d395596ba204059b6100ec84ae12445fed1ba87be","first_seen":"2024-08-20T12:43:03.364079Z","last_seen":"2024-08-20T12:43:03.364079Z","times_seen":1,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":57,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/turnstile/v0/api.js","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://07r.qtwrekg.ru/##carey@turnbullwines.com","date":"2024-01-10T14:39:32.424Z","timestamp":1704897572424,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /turnstile/v0/api.js HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncache-control: max-age=300, public\r\nlocation: /turnstile/v0/b/c8377512/api.js\r\nvary: accept-encoding\r\naccess-control-allow-origin: *\r\nserver: cloudflare\r\ncf-ray: 8435ab83fd9a5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":35312,"size_decoded":35312,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:46:13.591387Z","times_seen":13326202,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":17,"dns":0,"connect":1,"send":0,"wait":11,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8435ab84ece60b61","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T14:39:32.690Z","timestamp":1704897572690,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8435ab84ece60b61 HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nserver: cloudflare\r\ncf-ray: 8435ab857d5f0b61-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":175284,"size_decoded":175284,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"95625e57903d728187195e794a8681ac","sha1":"3fc1793721d7e61b70e44c2512db38ecf3fd02fa","sha256":"5e0947a33acfacaf3bda3b9ca2b2268cc3fdb4271eeccaaf2c48a77eb807bb92","sha512":"293e3ea99415a88063702f07a8c8f8688687c416e469927639a625868998146de2aa897069ecbd0dfd35e5839d6315cdedde686deb50f9c76510bfbb200c3aea","ssdeep":"3072:RllCJosmyT2+nzYKmqjeLFHrWD45xws+5u8cdA7B70bCN7ZZ:Rl1yT2+nzYKmqjeLFLrAu8NB7ICtZZ","tlshash":"e10484cc778abd9935233d7870272212709b5d486c3c0dddfa01b1d529fa31a92d7aae","first_seen":"2024-08-20T12:42:57.142151Z","last_seen":"2024-08-20T12:43:03.367163Z","times_seen":2,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8435ab84ece60b61/1704897572946/r8ox36HwJVMZMPV","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T14:39:33.664Z","timestamp":1704897573664,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/i/8435ab84ece60b61/1704897572946/r8ox36HwJVMZMPV HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:33 GMT\r\ncontent-type: image/png\r\nserver: cloudflare\r\ncf-ray: 8435ab8b9cfd0b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":61,"size_decoded":61,"mime_type":"image/png","magic":"PNG image data, 72 x 87, 8-bit/color RGB, non-interlaced","md5":"fa55e6a25807428025bf5167f53caaac","sha1":"9c30b027abab43469c57817ef956568c27634b3f","sha256":"009a8cd0ec1dd0796aaa1bf966a7ac92b43e7dc0d0db6480fe4612fc9729a22f","sha512":"60dd83be70155566693eaeeebf36373c692b3ec29eb666b490765f00a42a061f828be33b37793a5af93a9ddbd720d4af080ddc86ef1f31141e8bba2bb6ce599f","ssdeep":"","tlshash":"aca002d7b7916c7cca57463756250165ec321528122142058c05c9252a1627c99c8e82","first_seen":"2023-05-22T21:08:23Z","last_seen":"2025-05-13T19:45:53.076763Z","times_seen":67,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1353077170:1704895720:JGDIxLr0iqbIAzp22hpifXde79WN6i5WaGweISpDy6Y/8435ab84ece60b61/7e6907d7fda733c","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T14:39:34.653Z","timestamp":1704897574653,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1353077170:1704895720:JGDIxLr0iqbIAzp22hpifXde79WN6i5WaGweISpDy6Y/8435ab84ece60b61/7e6907d7fda733c HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nContent-type: application/x-www-form-urlencoded\r\nCF-Challenge: 7e6907d7fda733c\r\nContent-Length: 25395\r\nOrigin: https://challenges.cloudflare.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:34 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-gen: jSryeUS18TMD19YAslmR0U+O07S5nx05SlPtik1tdxZkBdzjr0VaXJaupm2GQsAc$6KxjyjmMSC3GYaUX8DAkmw==\r\nserver: cloudflare\r\ncf-ray: 8435ab91cd480b61-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18296,"size_decoded":18296,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with very long lines (18296), with no line terminators","md5":"4bba27e5bb7640834d31de5b2e11d855","sha1":"e704f0e84f28c86554cab1c33f6f88fd0a7d3a69","sha256":"eba26a4b176a2830a34e14124477f80c8917fb0444028102fb6130598a585f96","sha512":"c55f42ca5825852b65b81668e34cdfce077ece727627cac617d119f199356c1bf85a0aadbe1e14c38e50aa5ab8205c1e62e19752ffdba880114f19d4a01bf2c3","ssdeep":"384:ixcKfIeXziwrUt0oQifC1qmn4QzpxLnJJrnRJIdiCauN1o1:Pe4KoQp1qmnLz7/4wCauvo1","tlshash":"ce82e12d22300e85829638e559e473839b7542d324b2ac28e538283cc5dd4da5f7bfd2","first_seen":"2024-08-20T12:43:03.368884Z","last_seen":"2024-08-20T12:43:03.368884Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"07r.qtwrekg.ru/","fqdn":"07r.qtwrekg.ru","domain":"qtwrekg.ru","tld":"ru"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-01-10T14:39:30.880Z","timestamp":1704897570880,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qtwrekg.ru","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 25 Dec 2023 08:43:33 GMT","end":"Sun, 24 Mar 2024 08:43:32 GMT"},"fingerprint":{"sha1":"93:A6:76:25:50:DB:2B:59:63:57:85:7A:61:D6:EA:75:BB:69:D3:72","sha256":"41:5B:98:AE:B1:F7:F9:2B:79:AB:4D:CF:7E:8E:23:39:F3:2E:25:52:5B:B3:F8:79:AC:D0:FD:D2:D4:A1:9E:28"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 07r.qtwrekg.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hei-om.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccess-control-allow-origin: *\r\nset-cookie: PHPSESSID=ah6ir8dq8rtv4tkv07osm94qbp; expires=Thu, 11-Jan-2024 14:39:32 GMT; Max-Age=86400; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=v403VSzuOy%2FME9nsSCqmDRB5A8WaKYwaQZWluh16k6JD67xlujxavkkkQJusy9%2Fttf6ukAEyDosprtBK4FCmCOqoaagycwNmfai3I727nWNihx%2FqlwVdfAHitF3KERBhOg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 8435ab7a48777128-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5092,"size_decoded":5092,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with very long lines (5096), with no line terminators","md5":"a6e9b78a2282fb558a9ac3a4de9c5d9b","sha1":"a26bf07ccc3adc73cf07727cbf0db1a78785e484","sha256":"82f2926692c3b4699c03dc5bcc955a11979076e391950278e6fcb8e3a3ba7a86","sha512":"5842a851ea9a9420fab62c72423703efcd7693d4d005ba5bf094f646619a8937e66403c6f1b0c326e3a33aaf5d6b739dd5909d5506c9200cc72b0f118235013c","ssdeep":"96:y4cG7Dtt68o6gAAuzXar+9XVVFdIy6HxoT:V3W8XaaXIyoxoT","tlshash":"fab1e9abe91e2b8cfe25fb4df7911afe0409b84e5941480c1375be972829721a7cc74c","first_seen":"2024-08-20T12:43:03.371403Z","last_seen":"2024-08-20T12:43:03.371403Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":14,"dns":1,"connect":1,"send":0,"wait":1414,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft Outlook","verdict":"phishing","severity":"medium","comment":"","tags":["phishing","microsoft","outlook"],"meta":null}]}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://07r.qtwrekg.ru/##carey@turnbullwines.com","date":"2024-01-10T14:39:32.595Z","timestamp":1704897572595,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://07r.qtwrekg.ru/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 10 Jan 2024 14:39:32 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\ncontent-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'\r\ncross-origin-embedder-policy: require-corp\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: cross-origin\r\ndocument-policy: js-profiling\r\norigin-agent-cluster: ?1\r\npermissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()\r\nreferrer-policy: same-origin\r\nserver: cloudflare\r\ncf-ray: 8435ab84ece60b61-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74865,"size_decoded":74865,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (40811)","md5":"901e40cc99d270f03f98ee9d78c987eb","sha1":"e4c0dcb76dca73c801e01d7b20c41d6cd338712e","sha256":"1e31a4dddbaa2ba517a003f6fc59aa7d4f640ea584030a729d3f43d2c204b077","sha512":"9d93da794f8decd660b65a33ba3672104452b5e8c237b8d9d0a12f6f59b6f57bef2c59764c0cc831817ff376df7a495455bd5a5cb65dd8912256f4e459f6086f","ssdeep":"1536:UaJfcyI6+2ecnfIedWeOnCgw1EkWCziqRW4a4YYPqi1Pt2MYE1lDaHy7YYXYVttf:xfTmG9pkrw6EfD97YYXYjtgMkCOsU1yV","tlshash":"7b73f7d9cebc2d59ab029729b0ce51e3632d63471506e599b4cca2c0cfed14e26f0b79","first_seen":"2024-08-20T12:43:03.372328Z","last_seen":"2024-08-20T12:43:03.372328Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8435ab84ece60b61/1704897572945/d24c12582b8eddad14aa39f6ce1ec059d8c45addc474489dc80a4936a5e74772/gxMzPsT_RA2eZsf","fqdn":"challenges.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.2.184","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal","date":"2024-01-10T14:39:33.545Z","timestamp":1704897573545,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"challenges.cloudflare.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Fri, 18 Aug 2023 00:00:00 GMT","end":"Sat, 17 Aug 2024 23:59:59 GMT"},"fingerprint":{"sha1":"5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E","sha256":"A2:A8:37:E9:57:D0:F0:FE:3B:6F:A8:23:58:80:DA:61:DD:F9:50:CF:F0:2D:27:D5:00:AA:21:A7:B4:75:80:AD"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/pat/8435ab84ece60b61/1704897572945/d24c12582b8eddad14aa39f6ce1ec059d8c45addc474489dc80a4936a5e74772/gxMzPsT_RA2eZsf HTTP/1.1\r\nHost: challenges.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a9w8k/0x4AAAAAAAPU6VEL9f4GOvgX/auto/normal\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 401 Unauthorized\r\ndate: Wed, 10 Jan 2024 14:39:33 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nwww-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g0kwSWCuO3a0Uqjn2zh7AWdjEWt3EdEidyApJNqXnR3IAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApwk22dwqHyYFCoiCDfexgw4nOb343LANfDTXdD2Cc0JjPjJf1qZhGsXMZrW8Og8cXP1amfkgnHS6cWFMm9Px9acLHVI_On3-2XV9Iw7dGzEJnOMokFQBVVymhLE7WToU7pMYuYND5SstspRgZ46sG0xOUm1N1mD2wmTZjP0TobPtt-XgKvATA_YhncFgJRZKYygqf6SHeCptQeC1-XLMnQJaspb8HSn01ViIUVJTZDe1VlDFEaNvJPUUWCBeSGBE7TDrbejOkkbIqCRgpN_x7b_ASxabG3X79pJ8CKchClCwZf0bsT-Z6NaRSB4p_Z4sd2DG1EFi20Ndm5VhfhpBkwIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tINJMElgrjt2tFKo59s4ewFnYxFrdxHRIncgKSTal50dyABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20\r\nserver: cloudflare\r\ncf-ray: 8435ab8adc3a0b61-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"401","status_text":"Unauthorized","fingerprints":null,"data":{"size":1,"size_decoded":1,"mime_type":"text/plain; charset=UTF-8","magic":"very short file (no magic)","md5":"ff44570aca8241914870afbc310cdb85","sha1":"58668e7669fd564d99db5d581fcdb6a5618440b5","sha256":"6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5","sha512":"3c266c0035de59eab2a0dd31b3dcb4a9dd157b310289e5db9ab4f8c2fddb7433466d48f25da7ad735a1cb8f2935aa612ad1f62f0efcece3933ba9979082e2304","ssdeep":"","tlshash":"c700000000000003c00000300000003000000000000000000003000000000000000000","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T09:40:40.350034Z","times_seen":400082,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}