Report - www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==&$

Report Overview

Submitted URL
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==&$
IP
95.215.226.7
ASN
#59778 Synextra Limited
Submitted
2024-04-16 07:50:57
Access
public
Website Title
Just a moment...
Final URL
dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aiitpune.com	unknown	2013-02-06	2017-08-24	2024-04-15	947 B	863 B	132.148.128.8
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-15	7.3 kB	853 kB	104.17.3.184
dc3889e1.b24b366159a504c34a2004dc.workers.dev	unknown	2019-02-08	2024-04-11	2024-04-15	1.1 kB	7.7 kB	104.21.94.180
www.goodnewsliverpool.co.uk	unknown	2013-11-01	2017-12-11	2024-03-02	1.5 kB	2.1 kB	95.215.226.7

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875296429aec56cc	426 kB	2024-04-16	2024-04-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875296429aec56cc IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:59 Times Seen2 Hash 84cf4ce3bbc859724063c0238cd9a0ec 7f57ae6fe72aae63feae10fde525ff95410968cb 88cb4f6f08b9716cb4b37255dce6fe3b751f4d7f50944807f305eb871e12f1cf Loading...

	dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk	311 B	2024-04-12	2024-04-18
Pretty URL dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk IP 104.21.94.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-12 05:39:03 Last Seen2024-04-18 02:09:21 Times Seen48 Hash 7dc8cae8b188859b7613193201f866b2 26b47b4a496f30fbf7a070b8530adaa4c22fe8ce 42d496ee0a1317071f5f523a4bafc905ee9317fe26e1a5c05715d37f1a931b3e Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	41 kB	2024-04-04	2024-04-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 12:45:54 Last Seen2024-04-17 16:04:31 Times Seen3430 Hash d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal	3.2 kB	2024-04-16	2024-04-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 6461bb110f0e1f611bc233865b355441 71a2e6992d3a9b855f726424acd388c05024bbec a0ea5095bc4e226026a8ca57184e70b1c5c74430452b820018a82b34a9cf9e0b Loading...

		Size	First Seen	Last Seen
	#1 Eval - 41c3ad6c72ac94148c6932b9f6d980e1	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 41c3ad6c72ac94148c6932b9f6d980e1 f5b3fb6b5f3bfb0d567669e0f26fe6463025da41 e7e3f737a14097317ea890470a7302b1fa1f56f1e55413db983c0d98c7592182 Loading...

	#2 Eval - bd2795ed75d5dcff1e83bbdb6d454beb	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash bd2795ed75d5dcff1e83bbdb6d454beb a45a2c2ea3545f41027691182511f19c25c30b68 9091fdd2fc19df01bdc853e5d3f7c0031fe59b7745e30ece3a36ad8a28b5e2e8 Loading...

	#3 Eval - adc93b7c38e041d3841eb751225de878	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash adc93b7c38e041d3841eb751225de878 133ed2ec2009de8972215db71589d59e6d2a7d54 fcf3ae7b9184bc6aae9609f12515c6696e2bc54c6a4a86905c466b29860f6339 Loading...

	#4 Eval - 53e2c31e737f1aec2b2d9a2b0ac41c4e	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 53e2c31e737f1aec2b2d9a2b0ac41c4e 8a353971e8e4a8c4cf0b52e183a67791b045df5e b1c2884881d2ecab7b8ddd7333e1f80aaad301950d15b2ceedaaf6965071aa38 Loading...

	#5 Eval - 2a9e656d35337141fbb9aa4dc5f22ca6	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 2a9e656d35337141fbb9aa4dc5f22ca6 da1d40918a59fc1141ec5f56fccab652832cdc5c 83234120e8127b9c627264ac5ef44de39c173c7750b731923cdec849c9a56888 Loading...

	#6 Eval - 423d04eec45382f2c274aebe28d4e088	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 423d04eec45382f2c274aebe28d4e088 3ad4b9a71135ba789f14009979415a4751540c9c 0650444335958cf7db7818c9b1d8b079f5feb523b57e6a61ff587e8efbc0eeab Loading...

	#7 Eval - 845fd4b4bbca524cfe72eebba610d01f	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 845fd4b4bbca524cfe72eebba610d01f a61534244f7a5fbb891fa0aad58f8108afc76037 1e09e4c00c6ba0290b9e698b30ab7f7e89074485bf509692b8827824a80a1384 Loading...

	#8 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-29 21:19:11 Times Seen350642 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#9 Eval - ac6d43b49aec2f87daf340337b6a7882	60 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 12:28:09 Last Seen2024-04-17 16:04:31 Times Seen3428 Hash ac6d43b49aec2f87daf340337b6a7882 d3874a31a6b7fe11121edc3ed80fdc8b66f6589a 1af55b64e0b39e0f5f760a8050b284a66fe404ddff945697590f8240798311b2 Loading...

	#10 Eval - af1a8c5513790132a4b87b4b731d7ced	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash af1a8c5513790132a4b87b4b731d7ced 46ffe79b1f386d6976d4a6dcab2c108f1c04564c 8cbad6192d70fd92465751aaffd15b7841382405cca7746018ee1ddb9a23a101 Loading...

	#11 Eval - 9381cc2439cffb737aa30df1cb975373	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 9381cc2439cffb737aa30df1cb975373 bc1023968a6390da837f20b4a0ed961e28e7820b dca41cdb317af703fa0979d316216d523ab121ef6631cd246e96dfe72fb00764 Loading...

	#12 Eval - 8a4603814e4577016b560ed33e99f691	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 8a4603814e4577016b560ed33e99f691 4754896afadfc42b12d9e679aed619f311e94285 46b5f8cbd1bef8c5fdc1588c635f0285f8907e900e396c6453a173d8a270ed45 Loading...

	#13 Eval - b18b455da5e2e1b6242b944ef272a037	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash b18b455da5e2e1b6242b944ef272a037 dba07e3c480ae6f4121436e045f18eb2c007b8dc e52a457d3b550a4abf5582f79fde8c0f7b9933a72f14f1becbd1b30d7c65a248 Loading...

	#14 Eval - ceeea21b1e788e01c06ef648f948761d	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash ceeea21b1e788e01c06ef648f948761d 409675dd9d0452194f283e01494fe0a7c026f8b9 1ddb0693078d4a4af5386722f1d450b55b374ec240a5102e25614140ec92ddc6 Loading...

	#15 Eval - c09335169cc9355f7127b60bb19d5b8f	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash c09335169cc9355f7127b60bb19d5b8f d706341261781d0e7547f60661bef0f43683452e eb5663169363d036117b866667425b25f789b8aecec17219ae25f8dd76a22285 Loading...

	#16 Eval - ad54b01da102839b95019170495b86a1	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash ad54b01da102839b95019170495b86a1 3090964b89dc9da378195e4d768c550d2bfb925a 53e0db114bb01738964ca783a3577e0e3e4b8aa90dfa9a5f3ac839d4ce5f16b8 Loading...

	#17 Eval - 9fb8f2d7c7f072c703cff7e0afeb47a1	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 9fb8f2d7c7f072c703cff7e0afeb47a1 3a0acfc3511e2156f680212e700b645d1eef6513 602da26c09354133b562555a8a19211f2353f3eefa7a4280a4aa1a705c50c9e2 Loading...

	#18 Eval - 9b28ce436d61cd81d023a67f0e7e1ed9	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 9b28ce436d61cd81d023a67f0e7e1ed9 1f7e0a54fa3d18368a0a2e10131ec792b8305dbf cdeca45c39042c9e329a229e7267eb527d2007dc885576bfd9f7d1ac1f1cbc7b Loading...

	#19 Eval - 61d6e804f7aace60b0b141201b4978c0	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash 61d6e804f7aace60b0b141201b4978c0 62fc6c20fba273f049b61c27cbc790d957695e99 842da5f31e967184c7d4f74b66d7170ea3f57b9086165f136ea9e6dca822ca6e Loading...

	#20 Eval - fba833ed463707a42980dac351d675ef	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:58 Last Seen2024-04-16 09:50:58 Times Seen1 Hash fba833ed463707a42980dac351d675ef e09867a9d007588bb132c91b3d791a1bca2f48a6 0a9ba15a6ca5e7dcc3c36d38894f5abf87c9fb814482499f209062f683f7eac9 Loading...

	#21 Eval - 350df6ff652e9fbfa5417a3620d602de	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 350df6ff652e9fbfa5417a3620d602de 2ee6faaf9c6c32637c00891f95f1e8af81b081ce 27749c5405abaa1eb7a681d9c39aa7da37b39340697d736a5c22b3425ecf7572 Loading...

	#22 Eval - 8a092adccb6bbb96b034da1518a99a02	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 8a092adccb6bbb96b034da1518a99a02 df6f11ed3f12acd87063b0fecc035a75e6ca4bb2 a2e4c26707796321e7164c18cc33347b64ec7969e5342031eaefa1abd2287e82 Loading...

	#23 Eval - 4f52174fd0539bb38caf2264ef06c3bc	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 4f52174fd0539bb38caf2264ef06c3bc 3689738e17ef9256065b5b6edfb26c7b1168b377 4a58cc2b3244933766bd77e48d1c127a70fc7dea2b840bb9bb0858809308bccf Loading...

	#24 Eval - a849cb7be10227842b35a1b364755f31	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash a849cb7be10227842b35a1b364755f31 e94829236888f80f051950997a4f1dc388926c98 f3af754a9d20d9873b30af2e982caa52e263e7aedff5861756514d4f08d599f3 Loading...

	#25 Eval - 059d9c223cfdaed00b1487d49a0e4de9	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 059d9c223cfdaed00b1487d49a0e4de9 bf1b194e2a36c06cca6f6ae0e0bf620438c881b9 14a85e78f8f4096f27cdf01ac2a76004b3135d6a3deec67dcccd1f6e16910b5f Loading...

	#26 Eval - c023594750761cc509088018eeab68b4	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash c023594750761cc509088018eeab68b4 1c273523f7726e8446c48246586d774afb09cc64 e3e8fcc8ab58090aaa00f81790c9bc407c822b71d741e45fae69ea59f2be070a Loading...

	#27 Eval - 7a8e8a14cc58718c95ce728eb7ab60cb	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 7a8e8a14cc58718c95ce728eb7ab60cb a0c0a8b57354529cb49b0bb36bbcff5f98cfe259 decd60d2dcb4a45e3dc72b855b5b5ac8acd3eb0858f4e902d45b03330aa08369 Loading...

	#28 Eval - a491ad5a1d0857c20d7a2326a8f37efe	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash a491ad5a1d0857c20d7a2326a8f37efe e4570139ce437b308723b411f664fd7f6b97b60f 21a4d98d07f305e862b300c2a1f4ae146d99f77340abe1d29357926da3aa53d4 Loading...

	#29 Eval - 4021093a7a8fcd91922cfe86225d4b32	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 4021093a7a8fcd91922cfe86225d4b32 376166cb832ae76a38766885f84c564ae8366f4b 0d47970d677d27a84f941fdc47418c37bb88a4159e7212e639be68567f421d3e Loading...

	#30 Eval - 6f82329145516328ef7ac6b7e56445f5	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 6f82329145516328ef7ac6b7e56445f5 4067b28f7d83ed34b1f17918f08b1b5e2cb4b1a1 4db1cedb4f82c5c178634d874e704fb22704dbe0d09449787c80dc3d3fb02344 Loading...

	#31 Eval - b139f7802e6030b46911d92b3007ee20	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash b139f7802e6030b46911d92b3007ee20 1666f447f53b7ba4fa6503495bd6cab202db5d8d fbb9cb84330f25041badfd1eabc7388acc7841fe3738628ee448e48bca11ae67 Loading...

	#32 Eval - 39bfc0c7deea60157bdcc4522bcb7015	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 39bfc0c7deea60157bdcc4522bcb7015 f9887f161ab06a4eccc0bde65b9664fd3215861b d68171a0a25dc06c68866d420a56aa2683099105a2a473226093d9752c4cbb47 Loading...

	#33 Eval - e7bc62b2a4b7b6fb3fa5ccc7b9e549a3	605 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash e7bc62b2a4b7b6fb3fa5ccc7b9e549a3 b2d0b2a58e87bbafc4d4e8c781a6a1f41f142e05 61cc7108a6dd99015a77f58ded806e176f125787ddc543f66fdc330f43705e41 Loading...

	#34 Eval - 2dfb135477ead476160aa7d5625fb733	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 2dfb135477ead476160aa7d5625fb733 82c00ebb1f2331d4934d66ec83f67fe9d4e1e245 2b9f30f213b030295caea9d75f3c8e42e5d05a8c59413cdb28d846d205c8a1df Loading...

	#35 Eval - 25d9bb40353ae161988c201dc854c907	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:50:59 Last Seen2024-04-16 09:50:59 Times Seen1 Hash 25d9bb40353ae161988c201dc854c907 bfdd57537a5838b6f3c8e44ff50c69a681cc5d7d 5b561c9017a3af17d8b9440d1202d4c2a6d5ed943d9b18ae431e06d6cdb6d799 Loading...

HTTP Transactions (18)

URL IP Response Size

www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==&$

95.215.226.7

0 B

URL
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==&$
IP
95.215.226.7:0
ASN
#59778 Synextra Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==&$ HTTP/1.1
Host: www.goodnewsliverpool.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-litespeed-tag: fcc_HTTP.200,fcc_HTTP.301
x-redirect-by: WordPress
location: https://www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Fo4uu%2F%2Fcm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw%3D%3D&%24
content-length: 0
date: Tue, 16 Apr 2024 07:50:34 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

www.goodnewsliverpool.co.uk/

95.215.226.7

795 B

URL
www.goodnewsliverpool.co.uk/
IP
95.215.226.7:0
ASN
#59778 Synextra Limited

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
795 B (795 bytes)
Hash
5d8d79c3cb9af023240b1be6f5057aaa
df22980677b134e83d878893f7c7984e0d78a240
e8b101a7c7f64aad528cc734513cbeb02243c0af37930dc0f3239749cff184b6

HTTP Headers

GET / HTTP/1.1
Host: www.goodnewsliverpool.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 795
date: Tue, 16 Apr 2024 07:50:34 GMT
server: LiteSpeed
location: https://www.goodnewsliverpool.co.uk/
vary: User-Agent

www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Fo4uu%2F%2Fcm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw%3D%3D&%24

95.215.226.7

0 B

URL
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Fo4uu%2F%2Fcm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw%3D%3D&%24
IP
95.215.226.7:0
ASN
#59778 Synextra Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Fo4uu%2F%2Fcm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw%3D%3D&%24 HTTP/1.1
Host: www.goodnewsliverpool.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-litespeed-tag: fcc_HTTP.200,fcc_HTTP.302
x-redirect-by: WordPress
location: http:aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==
content-length: 0
date: Tue, 16 Apr 2024 07:50:36 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
vary: User-Agent
X-Firefox-Spdy: h2

aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==

132.148.128.8

277 B

URL
aiitpune.com/js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==
IP
132.148.128.8:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document, ASCII text
Size
277 B (277 bytes)
Hash
09356eeb3317b9f69960321376f440c0
f474f654de35dce89e57ced620fe82dcce204844
5f8682a27dd51858c78334544a20eb559b7e3fcc341274540618fa4e7eceb500

HTTP Headers

GET /js/o4uu//cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw== HTTP/1.1
Host: aiitpune.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 07:50:36 GMT
Server: Apache
Location: https://aiitpune.com/js/o4uu/cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==
Content-Length: 277
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

aiitpune.com/js/o4uu/cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==

132.148.128.8

0 B

URL
aiitpune.com/js/o4uu/cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw==
IP
132.148.128.8:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /js/o4uu/cm9zcy5hZGFtc0BiaXJtaW5naGFtLmdvdi51aw== HTTP/1.1
Host: aiitpune.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 07:50:37 GMT
Server: Apache
refresh: 0;url=https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.17.3.184

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Tue, 16 Apr 2024 07:50:37 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 875295e47f2c5693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/601893388:1713252818:CTixhC3WX5lZ5sK2BDgg0FX-S7OyOZa2v-vb70m2Ypk/875295e55a9a56cc/dc7b1a9838aba4f

104.17.3.184

110 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/601893388:1713252818:CTixhC3WX5lZ5sK2BDgg0FX-S7OyOZa2v-vb70m2Ypk/875295e55a9a56cc/dc7b1a9838aba4f
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
110 kB (110420 bytes)
Hash
5a5ffe07c105d31ff86ecde8583a6b0e
c269165de6073a97ebf69785c6ed1631244f6eca
b932b32ef1e61fa5af84888eab7c46ab2490296188b725a6b072a298089d317e

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/601893388:1713252818:CTixhC3WX5lZ5sK2BDgg0FX-S7OyOZa2v-vb70m2Ypk/875295e55a9a56cc/dc7b1a9838aba4f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: dc7b1a9838aba4f
Content-Length: 2644
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Wv6UtnmGFSTIcDR/8eEsdI0RUawVQEFod/BTidLmhYNW5RJYcBZQ0NqhMC4AQ/NeZlOe6zDh22Uy4asB4zsyRiB0rulvIpBF6uuT5PA/VXOcDgXQvDKQliVvY0x0zs+5tn6FufP8VIIeoppPgCWFfAUUvJusrKhohWY+1JjGmaqs/W5afKp3qBavSA53XXg7cP+Z1htFPvDKdAg7Ye7iwFwY7Vm1Zq7eu70FPszM2RV98EGUcwakOssR9xHjztsZ8aYriVFyhu3ZbGV0iRzXtyj4W04VKg9wBmyN1Sy7X7EAxzNbiJiBQcfcuPxXaQY3G+2jCVMB1ZIa5rr2K1NgEkPJpV/7SMdQx8RHEyg/yErfkYLGWwrAMvdtLlMH3kU7UO8ldkV48yVnT5z4PZwEhpQKlC6IIleBt/ENprPS4e8NbyIcnTT1/L8Fk6m+uPUhEvrAEP/x3veaDJUY3ecbtiMblTwVidEaY0QvQFjMD6c=$5j2kaVCIQFbNrbI2cMKjPw==
server: cloudflare
cf-ray: 875295e77ca356cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback

104.17.3.184

200 OK

42 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (40613)
Size
42 kB (41848 bytes)
Hash
d1048a66fc11ea28c3cb1488fac82c62
f055707cf91f637ec19bf5e65bf378857e798469
8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370

HTTP Headers

GET /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:37 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875295e4b9d456cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal

104.17.3.184

200 OK

78 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41919)
Size
78 kB (77717 bytes)
Hash
2f9ea4a5ff01d3189d74a569b0109dee
11170cd5804e13660255292589cabf6194ffb2c3
cc447d0e59d862aa49b126cf6f5923a1173e0eb23cb2eb66975ffcf402621624

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:52 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 875296429aec56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875296429aec56cc

104.17.3.184

200 OK

426 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875296429aec56cc
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
426 kB (425998 bytes)
Hash
84cf4ce3bbc859724063c0238cd9a0ec
7f57ae6fe72aae63feae10fde525ff95410968cb
88cb4f6f08b9716cb4b37255dce6fe3b751f4d7f50944807f305eb871e12f1cf

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=875296429aec56cc HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:52 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 87529642db4f56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/875296429aec56cc/1713253852838/38b41282cbabc805558a8e2a70066dd08235933a794c5c01c3df615cf6b5c8f8/bb7ukdbd9rRWo2L

104.17.3.184

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/875296429aec56cc/1713253852838/38b41282cbabc805558a8e2a70066dd08235933a794c5c01c3df615cf6b5c8f8/bb7ukdbd9rRWo2L
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/875296429aec56cc/1713253852838/38b41282cbabc805558a8e2a70066dd08235933a794c5c01c3df615cf6b5c8f8/bb7ukdbd9rRWo2L HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Tue, 16 Apr 2024 07:50:53 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gOLQSgsuryAVVio4qcAZt0II1kzp5TFwBw99hXPa1yPgAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1QvuFhVj8-HIEpd2829MedEvnrcAHahftJq4lCTdordKDtEpBDr1tC6_z1kq102Fe8SVbT4nRFRPCH_vL6Pwcc16C8jLMMvXraoC-BiyzAX3Yyr6lZj9UCQ7aK3JEr-tlD2wmLRtqyXfZQu9FdZsCMm0LU5LDAKE1uUBeAV-vLkP_1imLjHgbFE2lJH52yahbxiIjoqT_3PjB45ow3W9ciKiR89cUoS7X-sc6I2Lo7P_Y_FH4aGxC4fBDbjKZDO7UYOs3i1xJCHhgRA2dPWk0tZTjV7-jJE-oyRiReJNq7shr4jYws0e9BzlY1UCMa-U_JWdRb9So4JnoGPmfvSU_QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIDi0EoLLq8gFVYqOKnAGbdCCNZM6eUxcAcPfYVz2tcj4ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87529646be8356cc-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/875296429aec56cc/1713253852843/fQkyQdc-0je3_Y-

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/875296429aec56cc/1713253852843/fQkyQdc-0je3_Y-
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 51 x 10, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9c05892230477f54af6618e36b467ec1
18f57c0e1a693698d5623fcf6fc1c10c2094fb53
e24671754d01106567d097a5851d0e3ab55c42a1de4e1e25767249f63d6b3b30

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/875296429aec56cc/1713253852843/fQkyQdc-0je3_Y- HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:53 GMT
content-type: image/png
server: cloudflare
cf-ray: 8752964afb3f56cc-OSL
alt-svc: h3=":443"; ma=86400

dc3889e1.b24b366159a504c34a2004dc.workers.dev/favicon.ico

104.21.94.180

200 OK

3.3 kB

URL GET HTTP/3
dc3889e1.b24b366159a504c34a2004dc.workers.dev/favicon.ico
IP
104.21.94.180:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Certificate
IssuerGoogle Trust Services LLC
Subjectb24b366159a504c34a2004dc.workers.dev
FingerprintBC:41:71:93:F8:C2:C5:7E:66:EE:C8:3A:E4:16:06:3D:23:73:EE:5F
ValidityThu, 11 Apr 2024 15:41:38 GMT - Wed, 10 Jul 2024 15:41:37 GMT

File type
HTML document, ASCII text, with very long lines (3271), with no line terminators
Size
3.3 kB (3255 bytes)
Hash
ade935fdb28f6baa87d11e6a17499976
959d967f84b0c84423c25be6a41565929327f4c1
d4f7590edfe99b50c22b6d0a64768f419a2654233a88bdfd7fc3e9150ab9314c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dc3889e1.b24b366159a504c34a2004dc.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:37 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kAZDQDAK%2Fk%2FviuSKck4s60d4vheas2UV4ckLIrQQGhu5EgLH0TuF%2BYGS3%2F%2BTz6SrzUH3fJsnCYbtMinpwa%2FLd61bv%2F7SW2DHjSsVWhhkJCdE3q0Jzl6SP2m2Sr6KFq6zqHcy%2BMMMAPjubnZrfsDXhIL%2FZ48DBlhQH8KeWicHqS4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875295e539e656c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:52 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87529642db4d56cc-OSL
alt-svc: h3=":443"; ma=86400

dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk

104.21.94.180

200 OK

3.3 kB

URL User Request GET HTTP/2
dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
IP
104.21.94.180:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectb24b366159a504c34a2004dc.workers.dev
FingerprintBC:41:71:93:F8:C2:C5:7E:66:EE:C8:3A:E4:16:06:3D:23:73:EE:5F
ValidityThu, 11 Apr 2024 15:41:38 GMT - Wed, 10 Jul 2024 15:41:37 GMT

File type
HTML document, ASCII text, with very long lines (3271), with no line terminators
Size
3.3 kB (3255 bytes)
Hash
ade935fdb28f6baa87d11e6a17499976
959d967f84b0c84423c25be6a41565929327f4c1
d4f7590edfe99b50c22b6d0a64768f419a2654233a88bdfd7fc3e9150ab9314c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /?qrc=ross.adams@birmingham.gov.uk HTTP/1.1
Host: dc3889e1.b24b366159a504c34a2004dc.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 07:50:37 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4m6cGvvhPzXcLogym92l2NjX9rRvb1JzYqvCO0cMQls94vBhdJeaye2zkmzYVClhrlkfeZd617UH0AOOpL8NDrtT59J4b18amLvBKIVGoekbaz1wY36W0V9s4nAVHF%2B11gbyFD5ZL6xranNVOHKvUWAmQzVOi2NcusvxONxuSWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875295e3dbf8568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal

104.17.3.184

200 OK

78 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=ross.adams@birmingham.gov.uk
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41919)
Size
78 kB (77698 bytes)
Hash
98fbfef6f062d0669fd6b16f7aaf9c77
02401643915985ec57f0264c97b4cdf6873420f8
d06497e979dd2de07b9cb0a88c448718aeaed98be051e8e94ff46409ad347efc

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:37 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 875295e55a9a56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1811543467:1713252881:A8EYouVTbfP4hpXfmQ3z5wK-_xJB3jvDXfEl0LQWT8k/875296429aec56cc/be644c1c0fb4d55

104.17.3.184

200 OK

89 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1811543467:1713252881:A8EYouVTbfP4hpXfmQ3z5wK-_xJB3jvDXfEl0LQWT8k/875296429aec56cc/be644c1c0fb4d55
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (89084 bytes)
Hash
4ddd7f19f6b5ba1f386faa2e218d5018
b58ee1034fefcb08b0cb87fcd241a8b3dd565d78
95ef77b2d86b15e66fb7b1ad5b03a57f323a65bb2badf2b474ca828504bccd3d

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1811543467:1713252881:A8EYouVTbfP4hpXfmQ3z5wK-_xJB3jvDXfEl0LQWT8k/875296429aec56cc/be644c1c0fb4d55 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: be644c1c0fb4d55
Content-Length: 2677
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: BHLdQDhFmbTTB8jz+n8AX4eNBPpKaKcEmARest0o1Sh1UI84GfnqvwCTvbgxV68N620yv+JfVmYAro4L5ItmyNsZAYKDS1RyM7gzhDn2BvY5mWttBc1CmvnVwF3nKanyYSlMOpYykZmcThXZrb1lR7JBAPFTd/XK7GiwEaAn1uMnaILShzD4vrYysK1prQarFQzqf4QwOmmskh6cpNBvh0A/wRVrPmGq2yVfDqFSNy1F5UTuKUBIgnwft43RastEGhBA8bOCSRdSr8jT9C5g3/x31Hg+rJh3sQw9wYEpJ+yrwNfSuqofGgYYpOG3P50amPisq3dcx/wL+W9Sl/FOu2QmqHTp07wgqAGU5oqMkX6zQTY7j78+4r9Sq8sp4rjP$WGHjLiuV0nCsEv6qjC3rig==
server: cloudflare
cf-ray: 875296442c7156cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1811543467:1713252881:A8EYouVTbfP4hpXfmQ3z5wK-_xJB3jvDXfEl0LQWT8k/875296429aec56cc/be644c1c0fb4d55

104.17.3.184

200 OK

23 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1811543467:1713252881:A8EYouVTbfP4hpXfmQ3z5wK-_xJB3jvDXfEl0LQWT8k/875296429aec56cc/be644c1c0fb4d55
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22552), with no line terminators
Size
23 kB (22552 bytes)
Hash
42405dcc56cc3e1cc34796d21a511625
4a479e3e8a08e05c7176cb995da604d93300e075
112611539a24ec9e28ad1ce91bcf5de106a7ddb3bff16020ef1fca522824d0c6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1811543467:1713252881:A8EYouVTbfP4hpXfmQ3z5wK-_xJB3jvDXfEl0LQWT8k/875296429aec56cc/be644c1c0fb4d55 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/m3m2s/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: be644c1c0fb4d55
Content-Length: 25578
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:50:54 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: wKW+udMS41c7R2+wsnsqCsQ2E5yBq5ltSZ/AtaH+67Uaa1zyMSCvJ15PlXibMuoi$M0OGRlBohfnt6kwNTU63oA==
server: cloudflare
cf-ray: 8752964bbbf856cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash