Report - www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=&$

Report Overview

Submitted URL
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=&$
IP
95.215.226.7
ASN
#59778 Synextra Limited
Submitted
2024-04-16 07:24:40
Access
public
Website Title
Just a moment...
Final URL
dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.goodnewsliverpool.co.uk	unknown	2013-11-01	2017-12-11	2024-03-02	1.5 kB	2.0 kB	95.215.226.7
aiitpune.com	unknown	2013-02-06	2017-08-24	2024-04-15	939 B	853 B	132.148.128.8
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-15	6.5 kB	701 kB	104.17.3.184
dc3889e1.b24b366159a504c34a2004dc.workers.dev	unknown	2019-02-08	2024-04-11	2024-04-15	1.0 kB	7.7 kB	104.21.94.180

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal	3.2 kB	2024-04-16	2024-04-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 1c2095754263800ff0f67757034911af 70ce21dbc7075fce5b54724e2bb9aef359e64ddf 67365e6689ea8eaefa23fba71bec90ecd20c187fc04bf47c0e750826e6847ea8 Loading...

	dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com	311 B	2024-04-12	2024-04-18
Pretty URL dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com IP 104.21.94.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-12 05:39:03 Last Seen2024-04-18 02:09:21 Times Seen48 Hash 7dc8cae8b188859b7613193201f866b2 26b47b4a496f30fbf7a070b8530adaa4c22fe8ce 42d496ee0a1317071f5f523a4bafc905ee9317fe26e1a5c05715d37f1a931b3e Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87526f5cadc2569f	430 kB	2024-04-16	2024-04-16
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87526f5cadc2569f IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:42 Times Seen2 Hash b915e6bc9185250049e981a3a19f1a55 c6a020b454b55e20b60ccb6ad7cbfe1016ce2547 2466799a979254f35ac2c93aab5b4b42f43e97b24fbf3beff1a7fbaf22c7d9d7 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	41 kB	2024-04-04	2024-04-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 12:45:54 Last Seen2024-04-17 16:04:31 Times Seen3430 Hash d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-30 01:39:38 Times Seen350669 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 937b984196a2806c5f317d45bde3e07d	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 937b984196a2806c5f317d45bde3e07d 08d90f82ce8b0a0949a6c0520136ef640359ab72 d771319b9bd363e2068bb6911de482a8c654315f4b6f91ce3dd80173b973c006 Loading...

	#3 Eval - 654a87a74548843432f2b87c5e295bad	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 654a87a74548843432f2b87c5e295bad 6b24fa5966a8f68036745b26c50ab69da5701266 95e7205402b243dddc047b1dfa38234d43da21ca4fd3705af88c7c5d0643d836 Loading...

	#4 Eval - 3dbef140866cecd5ea9ff7237718ad50	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 3dbef140866cecd5ea9ff7237718ad50 d3590e7fd420520b8f9195b32427bb7d52e55723 c8156ec50ecfa5fe85e23ca56d77fbce39b26d5271c2f629cbd4fe9be246942c Loading...

	#5 Eval - 868712bb91e684652a881bc2272e6db0	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 868712bb91e684652a881bc2272e6db0 41a3dbf9aabd82af0b1cb11f8d218cd77f90fe6a c096aea70d1362ceaeeef3b329480c781fd1ecc84c4797170860701caae80028 Loading...

	#6 Eval - e85bf80a1b62e4c2fd608579fa5e8235	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash e85bf80a1b62e4c2fd608579fa5e8235 c0ab74e9b3d638ebad68319145285be7bf412fb2 d61998efe8c3a996f27519c5ce392e16d2b5da5c2d4fd9b19dc4c356ec183a59 Loading...

	#7 Eval - 5f138ae7b165e4c9f3303fa77157d404	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 5f138ae7b165e4c9f3303fa77157d404 19a8fae25f4d8410d4b4a0373600b05a87c0c111 8cfae20547804c1a1c0e689e6efeecd26044d4c43114a03d1e9e25f4552b9735 Loading...

	#8 Eval - 54b0dc97c5c5841c4d3c5451d9400195	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 54b0dc97c5c5841c4d3c5451d9400195 98dfcb119b666035bfe1f4e3a981c8def7a9297d 419cb76d6a1c9fa3ee3e09ded16678c786e0ba5800542d7b8e151b58470ab6a9 Loading...

	#9 Eval - 6ce2ac989345463405206aa3c7b606cb	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 6ce2ac989345463405206aa3c7b606cb 69a2ebda8d8d4d0c1deadc56a9b0204dfb2fb618 55423f79fe0e5b7b6b97875ab3ee11075cb6402f6524073673a51914d28e306a Loading...

	#10 Eval - ad6375fcc441dd1e851b74151c05c275	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash ad6375fcc441dd1e851b74151c05c275 3a673283dfb6e7f277e7fb2f62cc94103dc1a212 4f2278acd72827226b85778e5c1fbd2f6bc30f3819f1f3e0a6d56083ee99ed0d Loading...

	#11 Eval - 04d196c4c729ae48ec83d3523ccbf4cf	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 04d196c4c729ae48ec83d3523ccbf4cf 167aa5fa05242b962cfb311abb78cb410404b73d 63107bfdb833baf43e35605660059eb1e701a5681a63fd587d7e9c943d948a07 Loading...

	#12 Eval - 671bf3b06fd1f1dbea85e24ef0b98b3f	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 671bf3b06fd1f1dbea85e24ef0b98b3f 8b341ad0e96e2b7fb5061e37e706a4f457ffd802 80411dcab0550ff55da36da469c70c022f8c8e2916cf5db8e3969f968ca2bbe7 Loading...

	#13 Eval - 212a1ae3655efe2860a3a5246e0c3c99	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 212a1ae3655efe2860a3a5246e0c3c99 f811af8514d3b2f68c7cb9822d928f8b61b5054a 8f3dcf2ec3dc209c9e64d21f9d2cee5b20ed20002a156dd39a3f4ae6d202e286 Loading...

	#14 Eval - 71084f52027f084d4e982e38cbf128b6	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 71084f52027f084d4e982e38cbf128b6 92677db7dfffa29f368224204ccc430b94dd4333 bfa932d5b26df31bfcb17b76e3cfc6fd3208d1c3bfd5f5034a605b8eaaa5dcfe Loading...

	#15 Eval - ab27300c36d594f6a69a65ef191f1412	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash ab27300c36d594f6a69a65ef191f1412 53cf7c88ff6cc0fa0ccf09afb32f97dc92534e12 1a72fa0a46e9004f99959c059abb4a3863b80a5bcc22a2fc7165a9d1a70311c5 Loading...

	#16 Eval - 1de8ebc870f251b7d0237a3267da0806	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 1de8ebc870f251b7d0237a3267da0806 104abab622f9e5d0b1671626bcebf5ccf706d0f2 1a35252b570b7f6e0368270ae569973537c4e09db37496533e3f144939bccf51 Loading...

	#17 Eval - ee907033afec3f1d6bcdc45ef34d1a26	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash ee907033afec3f1d6bcdc45ef34d1a26 497872dd2d8963d613ce7873b0befb91966c9c1c a8a46d878c5307baeb7fddf077dc35bdfe96a8fc3aca37efb54deb1bc40e5070 Loading...

	#18 Eval - ac7636d77e3ac8fbf7cb9da8a0d0ff72	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash ac7636d77e3ac8fbf7cb9da8a0d0ff72 ed6771c7cd74f4bec6be22b252825d4e5ff60946 21d52865d24c7b80644a275b2b34991ff6bfd337cf9be3611bd97795b6651979 Loading...

	#19 Eval - 9beb1af695ee3553e262cee73ecd1112	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 9beb1af695ee3553e262cee73ecd1112 dfca76b2fba404f71a383f1305b67464b6de653d 947d71d03e1d07426b9951d81e498dfd4d498996aeeaca552374b380741d1a32 Loading...

	#20 Eval - 8dbf55cfa362d4c7e8ea391b4c70fa9a	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 8dbf55cfa362d4c7e8ea391b4c70fa9a 411daa202d027dedaaa33df299e18a7a8b60415b 906779f013f11d937d6f78381926f1bee5a4493259769ee9d906a62f4a5d3300 Loading...

	#21 Eval - edd37ad16659e2d19eaf04a893522d47	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash edd37ad16659e2d19eaf04a893522d47 16c94ad1280ca7a7e28f0cf07240c78aee2063ab 713a81a7a8969ec978ebdd3f23a3f204574af5ba7ce00c89b520219906eeccba Loading...

	#22 Eval - ac6d43b49aec2f87daf340337b6a7882	60 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 12:28:09 Last Seen2024-04-17 16:04:31 Times Seen3428 Hash ac6d43b49aec2f87daf340337b6a7882 d3874a31a6b7fe11121edc3ed80fdc8b66f6589a 1af55b64e0b39e0f5f760a8050b284a66fe404ddff945697590f8240798311b2 Loading...

	#23 Eval - b1ba3606ae46d5ad404f6ee00ea2cac9	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash b1ba3606ae46d5ad404f6ee00ea2cac9 e7309712d3f0692c1b1513b49d9c3505def9f0a8 ae4e1ee1db0f42b35baa957095094275097d3abeacb577db417ef69b3c2ea83e Loading...

	#24 Eval - e12395ab72761841e51d6ba740a94e96	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash e12395ab72761841e51d6ba740a94e96 31fc13145b5cb31ff324fdbd574f1fa8bb308534 a808008354e66cf88cc69e24833a78d21ab064404be4768627a2da9dd2c78a27 Loading...

	#25 Eval - 032c56671ec825565ba62fe5c9ac8bb9	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 032c56671ec825565ba62fe5c9ac8bb9 91aba4352a7c7d3b6b16b042f3aa82bc2eb0441c 20f5f0a938c04b82706ed3d59fd24762f6f06d5d431660f6b348f69d3c537c2e Loading...

	#26 Eval - 2adbf8c219a4aaed9a291489df51b29d	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 2adbf8c219a4aaed9a291489df51b29d 042bf911b0eb05854263642c84fff9a26f0b53e5 be1a4962e79c17a0e16cc0bdcab85864d118aa59ea93f70f57f700d5ca6f1dcb Loading...

	#27 Eval - dc695ad6efd0fd1cd26b0714b382904f	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash dc695ad6efd0fd1cd26b0714b382904f 81b494f37a76b85d91948ffdae7ffc2057008a88 2b7f177e3fa6fd994b5c05ff9b2f8448792a0f16cb7a845b0d6868e5502ae26e Loading...

	#28 Eval - 576045152377bf034979b44baf4f11a2	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:41 Last Seen2024-04-16 09:24:41 Times Seen1 Hash 576045152377bf034979b44baf4f11a2 416b1d5424dfd0f66e2398e568ee8630597e3432 0cb6fc8cd26bb8fea1b2a8a14cd0e00b157625d138d33ba8a0a67dbdcf23589e Loading...

	#29 Eval - 7219c29fdd5795113e410ee7ea596b60	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:42 Last Seen2024-04-16 09:24:42 Times Seen1 Hash 7219c29fdd5795113e410ee7ea596b60 ef97bee9ba34ae1f1e1c1b33e03281c2586f1eea 0ef92057c0c4e6ffddb0aeba865739eb4d12b9f86d4b94a45302a624b90c16bb Loading...

	#30 Eval - e432eeb22b281e7b409f403ca0e6692d	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:42 Last Seen2024-04-16 09:24:42 Times Seen1 Hash e432eeb22b281e7b409f403ca0e6692d 98696da2e1979609fc82b04d4dfc59119e11033f fa2622789e0cd6b96e0120ac790162f364e0260879313e613986b0a1a2b2cf5a Loading...

	#31 Eval - 2e33e0bc185dab8303b8f02321ed8d28	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:42 Last Seen2024-04-16 09:24:42 Times Seen1 Hash 2e33e0bc185dab8303b8f02321ed8d28 4352fd895bc6d27c29323fd54c425fa7d48d86ad 1c051c287d53af79ac9d229280a6d5332b5e3bfe163e2930e4bff74ddc2a6e4f Loading...

	#32 Eval - c50e690a7ef14cbad849c2cefbb41da1	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:42 Last Seen2024-04-16 09:24:42 Times Seen1 Hash c50e690a7ef14cbad849c2cefbb41da1 0662e07ea83aaa3f54a42e918ef7f5f30a247d09 dbad90011cae4774f9b6126e8e239cd4ef669c21d7fce4d83aaec7cf07265aa2 Loading...

	#33 Eval - 1578f9fceed55c0315a874ebbb6335b7	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:42 Last Seen2024-04-16 09:24:42 Times Seen1 Hash 1578f9fceed55c0315a874ebbb6335b7 ae26837b34a472d98c091bbc700b569b477b67fb a5fb742bbe0f0ef26b74826f39ebe499b46ea78d2f6f2dc9c805f493ed39db96 Loading...

	#34 Eval - 0b69eb3898da2bec5a8691af83939534	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 09:24:42 Last Seen2024-04-16 09:24:42 Times Seen1 Hash 0b69eb3898da2bec5a8691af83939534 bb0d5ddaa7cb09960b2d8bd3a8a26599561333f2 cd948ad529e2d4fca2fde0c6702cef3baed43a04505fdb2b6fffbcf6115dd0a7 Loading...

HTTP Transactions (17)

URL IP Response Size

www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=&$

95.215.226.7

0 B

URL
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=&$
IP
95.215.226.7:0
ASN
#59778 Synextra Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http:aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=&$ HTTP/1.1
Host: www.goodnewsliverpool.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-litespeed-tag: fcc_HTTP.200,fcc_HTTP.301
x-redirect-by: WordPress
location: https://www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Feuof%2F%2FbGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20%3D&%24
content-length: 0
date: Tue, 16 Apr 2024 07:24:16 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

www.goodnewsliverpool.co.uk/

95.215.226.7

795 B

URL
www.goodnewsliverpool.co.uk/
IP
95.215.226.7:0
ASN
#59778 Synextra Limited

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
795 B (795 bytes)
Hash
5d8d79c3cb9af023240b1be6f5057aaa
df22980677b134e83d878893f7c7984e0d78a240
e8b101a7c7f64aad528cc734513cbeb02243c0af37930dc0f3239749cff184b6

HTTP Headers

GET / HTTP/1.1
Host: www.goodnewsliverpool.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 795
date: Tue, 16 Apr 2024 07:24:17 GMT
server: LiteSpeed
location: https://www.goodnewsliverpool.co.uk/
vary: User-Agent

www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Feuof%2F%2FbGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20%3D&%24

95.215.226.7

0 B

URL
www.goodnewsliverpool.co.uk/?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Feuof%2F%2FbGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20%3D&%24
IP
95.215.226.7:0
ASN
#59778 Synextra Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?ads_click=1&data=10345-9192-0-3318-1&nonce=b019a2f042&redir=http%3Aaiitpune.com%2Fjs%2Feuof%2F%2FbGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20%3D&%24 HTTP/1.1
Host: www.goodnewsliverpool.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-litespeed-tag: fcc_HTTP.200,fcc_HTTP.302
x-redirect-by: WordPress
location: http:aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=
content-length: 0
date: Tue, 16 Apr 2024 07:24:17 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
vary: User-Agent
X-Firefox-Spdy: h2

aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=

132.148.128.8

273 B

URL
aiitpune.com/js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=
IP
132.148.128.8:0
ASN
#398101 GO-DADDY-COM-LLC

File type
HTML document, ASCII text
Size
273 B (273 bytes)
Hash
319784de1ca9c70a93daea4c0afd1da2
731626d4de2fa43c665596296aaa694473543780
57fc107b74a81b576fb0f0ff18d5d93ad9ff293d42698d76c16cb5438cb9e5c2

HTTP Headers

GET /js/euof//bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20= HTTP/1.1
Host: aiitpune.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 07:24:18 GMT
Server: Apache
Location: https://aiitpune.com/js/euof/bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=
Content-Length: 273
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

aiitpune.com/js/euof/bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=

132.148.128.8

0 B

URL
aiitpune.com/js/euof/bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20=
IP
132.148.128.8:0
ASN
#398101 GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /js/euof/bGlzYS5oZWRsdW5kQGluZm92aXN0YS5jb20= HTTP/1.1
Host: aiitpune.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 07:24:18 GMT
Server: Apache
refresh: 0;url=https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.17.3.184

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 07:24:19 GMT
content-length: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 87526f5bde87b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback

104.17.3.184

200 OK

41 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (40613)
Size
41 kB (40614 bytes)
Hash
d1048a66fc11ea28c3cb1488fac82c62
f055707cf91f637ec19bf5e65bf378857e798469
8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370

HTTP Headers

GET /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 07:24:19 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87526f5bfee9b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal

104.17.3.184

200 OK

78 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41919)
Size
78 kB (77698 bytes)
Hash
838026fd2c57b383f1c8079c5f40b225
7a97865f6f9f3c9facb80c5051dba51822ed8723
43aea4e545cd59a63f870e4b41af6cc14ab9b99a13b4d9daa535c50ab42c3f70

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:19 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 87526f5cadc2569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5

104.17.3.184

200 OK

123 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
123 kB (122848 bytes)
Hash
6c6bf0a65eba4518a074eaa6d960c814
8ad50dfb51545ed155a9e5887ad004e2dd3ecf3e
1fd28f2b8ae8e05606cd4b057909c120608705b7d72ad475c60366697ea22979

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9a693b3616722b5
Content-Length: 2681
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:19 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 4SJDVFCxrSWXlUH2SYO+/+QXQChFIR41kU/D9TUaRLsvSmyM9hBx2onOn+xhpAMBSIP1DxsJB4/1LsHsy7yrhwd2WVHPNk1lSB8cDM/pfRN0QZW1a7S3HE+K5JCgGMOCz/ArBTXeWz7q555/OVUIXz6AG2/BGmcL2sBYen6V4hYzjvXElc4JSERVaHcaLtfjVmqYt2O0DhKbApNVcIAmzKbCknSQ5WHffgmCkpCxsApCV+hqreXYLXiRfHW2li554kFWfoTUYBQYvfzCnMSEk/CCOeXNKi8FkiQeLkrG1f3yFRI9qmkLlZNIQ8NLvGUCj2iKMY4n9Xn2xBSAB3n71/SnQCmbpFQX0gK0uFBoKysVtLZBNwGLmtRJGYsgL27cMaTSC1xIE5dl43lp9jdtyzQousRp3QDZRNkfSLdTfNY=$1yTbrk/0MVsxozj+bgsOSg==
server: cloudflare
cf-ray: 87526f5eafda569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com

104.21.94.180

200 OK

3.3 kB

URL User Request GET HTTP/2
dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
IP
104.21.94.180:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectb24b366159a504c34a2004dc.workers.dev
FingerprintBC:41:71:93:F8:C2:C5:7E:66:EE:C8:3A:E4:16:06:3D:23:73:EE:5F
ValidityThu, 11 Apr 2024 15:41:38 GMT - Wed, 10 Jul 2024 15:41:37 GMT

File type
HTML document, ASCII text, with very long lines (3271), with no line terminators
Size
3.3 kB (3255 bytes)
Hash
ade935fdb28f6baa87d11e6a17499976
959d967f84b0c84423c25be6a41565929327f4c1
d4f7590edfe99b50c22b6d0a64768f419a2654233a88bdfd7fc3e9150ab9314c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /?qrc=lisa.hedlund@infovista.com HTTP/1.1
Host: dc3889e1.b24b366159a504c34a2004dc.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 07:24:19 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjT1AsaSXY75QVinkkSVUuCNImGhC0DYP5QMaXdJXOGDl6wXjaiLhHN69RIsWasGRB4LXhu852dz711nmlUYhHqDur4u84hWPphIggZXozbIgfRlJLXJZ4MpTd%2FxeQanGlMcRo8Pg4ZUPvgypHAGSNP9Vb%2BHeNhpXUStmZecLKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87526f5aef26b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87526f5cadc2569f

104.17.3.184

200 OK

430 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87526f5cadc2569f
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
430 kB (429931 bytes)
Hash
b915e6bc9185250049e981a3a19f1a55
c6a020b454b55e20b60ccb6ad7cbfe1016ce2547
2466799a979254f35ac2c93aab5b4b42f43e97b24fbf3beff1a7fbaf22c7d9d7

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=87526f5cadc2569f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 87526f5d2e70569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87526f5cadc2569f/1713252259643/7icKymXIgI17QXE

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87526f5cadc2569f/1713252259643/7icKymXIgI17QXE
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 34 x 53, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
b801c845722bb02a006977c892f370c5
d812f0fc281158941e02caaff3e219fccdc60a74
24b7dcf02eb4e3fdd1bce4cca4f9d622106d09c3efae8b76a6b225e7f8e83326

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/87526f5cadc2569f/1713252259643/7icKymXIgI17QXE HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:20 GMT
content-type: image/png
server: cloudflare
cf-ray: 87526f615afc569f-OSL
alt-svc: h3=":443"; ma=86400

dc3889e1.b24b366159a504c34a2004dc.workers.dev/favicon.ico

104.21.94.180

200 OK

3.3 kB

URL GET HTTP/3
dc3889e1.b24b366159a504c34a2004dc.workers.dev/favicon.ico
IP
104.21.94.180:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
Certificate
IssuerGoogle Trust Services LLC
Subjectb24b366159a504c34a2004dc.workers.dev
FingerprintBC:41:71:93:F8:C2:C5:7E:66:EE:C8:3A:E4:16:06:3D:23:73:EE:5F
ValidityThu, 11 Apr 2024 15:41:38 GMT - Wed, 10 Jul 2024 15:41:37 GMT

File type
HTML document, ASCII text, with very long lines (3271), with no line terminators
Size
3.3 kB (3255 bytes)
Hash
ade935fdb28f6baa87d11e6a17499976
959d967f84b0c84423c25be6a41565929327f4c1
d4f7590edfe99b50c22b6d0a64768f419a2654233a88bdfd7fc3e9150ab9314c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dc3889e1.b24b366159a504c34a2004dc.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dc3889e1.b24b366159a504c34a2004dc.workers.dev/?qrc=lisa.hedlund@infovista.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:19 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lniuJmwEdqUysMuHFkqkddYsT8yEJr68fhhVBiOpL6tNPieKIiveF%2B4k1K%2FmzM5dZ6qmBar0ZYxIHKydSml6L7eo0iK%2FpieuFjBu2ZRV%2BBkg2jshg3o4r9Gt0vI4Ha52M1jEC7j7nlvz0T1hKgJNh8VxePKnArSpdzs6OcpJpc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87526f5c8a7ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:19 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87526f5d2e6f569f-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87526f5cadc2569f/1713252259647/f4d9a21a06b7936386fae912fe53f2a2b0f18505d145cfb058d9bdde04501177/qO7XIq3WbCIO4tx

104.17.3.184

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87526f5cadc2569f/1713252259647/f4d9a21a06b7936386fae912fe53f2a2b0f18505d145cfb058d9bdde04501177/qO7XIq3WbCIO4tx
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/87526f5cadc2569f/1713252259647/f4d9a21a06b7936386fae912fe53f2a2b0f18505d145cfb058d9bdde04501177/qO7XIq3WbCIO4tx HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Tue, 16 Apr 2024 07:24:28 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g9NmiGga3k2OG-ukS_lPyorDxhQXRRc-wWNm93gRQEXcAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1QvuFhVj8-HIEpd2829MedEvnrcAHahftJq4lCTdordKDtEpBDr1tC6_z1kq102Fe8SVbT4nRFRPCH_vL6Pwcc16C8jLMMvXraoC-BiyzAX3Yyr6lZj9UCQ7aK3JEr-tlD2wmLRtqyXfZQu9FdZsCMm0LU5LDAKE1uUBeAV-vLkP_1imLjHgbFE2lJH52yahbxiIjoqT_3PjB45ow3W9ciKiR89cUoS7X-sc6I2Lo7P_Y_FH4aGxC4fBDbjKZDO7UYOs3i1xJCHhgRA2dPWk0tZTjV7-jJE-oyRiReJNq7shr4jYws0e9BzlY1UCMa-U_JWdRb9So4JnoGPmfvSU_QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIPTZohoGt5NjhvrpEv5T8qKw8YUF0UXPsFjZvd4EUBF3ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87526f654f60569f-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5

104.17.3.184

200 OK

23 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22576), with no line terminators
Size
23 kB (22576 bytes)
Hash
667131634a71c83262e9181c04b22763
2cd8c1c1f6c69c8dd9cefd27aa4b2284c55dfcfc
a51a167535a70bdb0318dfdd34fa19a71d9db7340a3657c95ef600d3b380ffc0

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9a693b3616722b5
Content-Length: 25967
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:29 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: /2tOK8exKUeGEcI7MqeD9O+Ju2fejJmWfCzNqZWsTn/63h/v6J+z6ZcKlWT3I9CJ$mFW61p9DVqDs5hvgYUUudQ==
server: cloudflare
cf-ray: 87526f99cbc9569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5

104.17.3.184

200 OK

976 B

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (976), with no line terminators
Size
976 B (976 bytes)
Hash
a181824b79d0979e3191b1b45be5cd9f
29890a261b280a2fe142ae09930b4e047d7c11e5
3d9d9f447c45f63ed76c7ef1113317933e82d4310c3cfe43856a50ccb1a0d375

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1665529526:1713249233:ajVYOSCLFayqqfV1g1Ey8Xm9F2nWCc88QP837zFTaOo/87526f5cadc2569f/9a693b3616722b5 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iqxlq/0x4AAAAAAAW6FMm8tl7BXPFe/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9a693b3616722b5
Content-Length: 37764
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 16 Apr 2024 07:24:31 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: POuiotJ7Wsj6w7DB/bWRvva5GjHZjn0PJQCtCi5mllZZOR6mOtdGf8WFTHU5nAkmjtOzjKafKMmr385L6NPzg6slCpyxDd4SJFyh849nA1g=$Ly46N00EQAAETlo/BN9vQA==
cf-chl-out-s: /KEP3QnFKfQpdN46jKbrY4VbMnfrwVpJ0E4Qwsf8/f/BrR9YKxJ0/+Xme5sj/nRFJsLDkwduyvRZIEb5VNFWWjO9m9a8wDhSnD2ne0f9EoofZOLVeSjXlAxxGmRTqyj8nTyfYsg/mAHcOVbOpWrErQ==$yoXPLpxlM7x0RejY+S/g6g==
server: cloudflare
cf-ray: 87526fabc8dc569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash