Report - jerfm.com/gkvd/hGhk/89098b8e3b63e405ef60f87965cd1e2a/bDWxeV/cGF1bC5oZWlzc0BvbmNvci5jb20=

Report Overview

Submitted URL
jerfm.com/gkvd/hGhk/89098b8e3b63e405ef60f87965cd1e2a/bDWxeV/cGF1bC5oZWlzc0BvbmNvci5jb20=
IP
192.99.71.92
ASN
#16276 OVH SAS
Submitted
2024-04-17 05:14:11
Access
public
Website Title
Just a moment...
Final URL
94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jerfm.com	unknown	2023-06-27	2015-02-06	2024-04-16	542 B	290 B	192.99.71.92
94e6f5a7.58598891ef09ac737cee0cf3.workers.dev	unknown	2019-02-08	2024-04-12	2024-04-16	1.0 kB	94 kB	188.114.97.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-16	7.8 kB	867 kB	104.17.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	jerfm.com/gkvd/hGhk/89098b8e3b63e405ef60f87965cd1e2a/bDWxeV/cGF1bC5oZWlzc0BvbmNvci5jb20=	Office365
2024-04-14	medium	94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/	Office365
2024-04-14	medium	94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (43)

	URL	Size	First Seen	Last Seen
	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	41 kB	2024-04-04	2024-04-17
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-04 12:45:54 Last Seen2024-04-17 16:04:31 Times Seen3430 Hash d1048a66fc11ea28c3cb1488fac82c62 f055707cf91f637ec19bf5e65bf378857e798469 8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ede0ebe492d6	427 kB	2024-04-17	2024-04-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ede0ebe492d6 IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:13 Times Seen2 Hash 282ad23e175b69dda2e85baf21bd5663 cc7256b9ff209a9cc4777e6bbdbda0b300bb54ba 658a997b9c532092eaa15bcfcf71c4753a7e6637968f27791b0138d8e53f2e51 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal	3.2 kB	2024-04-17	2024-04-17
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash c7ec59463a27906d33e5b8888210803d bc1cb2685bde98ece0ff9502057b03f86affdd38 874932b6280a5f64ec16671071939b1099815d60bc097fbc80ff620bcd9e687f Loading...

	94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com	311 B	2024-04-12	2024-04-28
Pretty URL 94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-12 18:49:52 Last Seen2024-04-28 15:07:35 Times Seen74 Hash aaca1f4d05478b4382beddfdbd4a854b dba5271c67fe07d2293e8f75306005638e170bee 4c1c37fca410fb27d54bf20678f64596e20d27eb6ca088f60eaaa23394a97058 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4e17aacb99a2190561bfd486a28585a9	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 4e17aacb99a2190561bfd486a28585a9 1477f924386a934a4d5285d3879fceb9197502ca 971bbad06e14ee92b379bf2e1e48e2ccf7f4f8c3c661c4a41093928140478290 Loading...

	#2 Eval - 9325b80b783f81c0daa057f2a4e0e934	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 9325b80b783f81c0daa057f2a4e0e934 4b453ac0a64f6f3cabb73eed0dc24dfaa609795b 5c7a5ee7e5d4c7eb7be63526aae8e25edbfe84d4bae150fd935c4b509721276e Loading...

	#3 Eval - 171a6e5a556e3a6d3febe4baf8c485d4	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 171a6e5a556e3a6d3febe4baf8c485d4 fd2f2e316bc0672d863ec91de61919d16f022912 06b74cad39a551564cbf9dc3465d8b24f06fe445a8789157ed3ba6bd2de26e1e Loading...

	#4 Eval - 278d7b65dcdee99eca5888cca791a0f9	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 278d7b65dcdee99eca5888cca791a0f9 136cbb964634bd071dc2d4de4509b3b5104ef273 b53b923abb2e60302e04bb600af7763bfa9e02545f1aa877cd9a6b644a0e2776 Loading...

	#5 Eval - f05b1bec241d15e9d4798fbcd00c699d	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash f05b1bec241d15e9d4798fbcd00c699d 29d5c92998ec6d2800249c5376f703205722b4f5 3c8bd04de1c991ecf796ffc13b179e5dfc83ce262a5ddacf598f50426710b5ee Loading...

	#6 Eval - e0b01048ad45d0f29c819ef07e572c77	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash e0b01048ad45d0f29c819ef07e572c77 c3d8d1275154231896fa19d24dab1ec843ccffb8 e9b6a1b595463feb196aea589f1dadba34ab7383201f0f99d62b2ceba25b61f0 Loading...

	#7 Eval - ac6d43b49aec2f87daf340337b6a7882	60 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 12:28:09 Last Seen2024-04-17 16:04:31 Times Seen3428 Hash ac6d43b49aec2f87daf340337b6a7882 d3874a31a6b7fe11121edc3ed80fdc8b66f6589a 1af55b64e0b39e0f5f760a8050b284a66fe404ddff945697590f8240798311b2 Loading...

	#8 Eval - aaa14dc292bec56e72b0b441aa4b0d93	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash aaa14dc292bec56e72b0b441aa4b0d93 0fd55ed293cbeac34bf303a81da7332bb22e1813 b0bcf6f6b698df7929049f76fe67dcf5bdcc472956cb5c362267417d294aaf5c Loading...

	#9 Eval - fc4414cdd4aeb62774a0bd9cfbae3268	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash fc4414cdd4aeb62774a0bd9cfbae3268 721a4f1221d573674e10152e047b8fd8acd8531a a31369f508b49fa687f1a3fd9a5b73dad3652dfe93d823d58b3f2ba98f8ca69c Loading...

	#10 Eval - 51b5cbe772814133096c65ae6b9fff75	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 51b5cbe772814133096c65ae6b9fff75 952fc291b321fed952e0cec9658f2f6f550a68e0 e5b1bdf2ce4cf355a1c9245db0ce5949c232a35f310fc19cb4106cd9a8bba6b2 Loading...

	#11 Eval - 4677b0f8e6158facfba5e57fd15eae8a	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 4677b0f8e6158facfba5e57fd15eae8a bda7e92ef24775d78c3f1e05306656af726f2877 6187c588bc4920415e034432743b9c83ea5f0c4636a72403c394f37275c8c17e Loading...

	#12 Eval - 76d57555853e1da132f06abb0f0f534e	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 76d57555853e1da132f06abb0f0f534e a07e6c683b71ed9ce6f311d24d6ff0393c251ea5 b5fb1a8c529c04af928ed62216045adbeb36d2478f6dd554e1bb6aef761fbd90 Loading...

	#13 Eval - dca79dc4a49ba0a649a4ac2dfc47ddb1	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash dca79dc4a49ba0a649a4ac2dfc47ddb1 62a4101936d0badc920cfea4a2ed0e7774bc533f e27c902e2352517808d8a3762cf6963191b980c6d06cc4537c59b62bc028583f Loading...

	#14 Eval - e2a2962567d5df24c51ae2e4221c0c34	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash e2a2962567d5df24c51ae2e4221c0c34 806b1caf1ab4e2d1c89e731ab0cb7537ebac5e88 52d3bfcf60d4bf4f360f1e9419c37445639acccc301ebd85b152dc207b865d31 Loading...

	#15 Eval - 77c1e199b796f18980cf82be28306fd7	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 77c1e199b796f18980cf82be28306fd7 c6553192872c837a3e724609d63d8ed464114a7c dd27c11b01ff125c286805cc34be4685bd49e67e871c6b690864d325c855f3a2 Loading...

	#16 Eval - bf465b81dee01748847141c4ee958667	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash bf465b81dee01748847141c4ee958667 38cfeb79ec6efe230126b5d314bc17e2825e8563 4d3a6d04f668e058da5aa75e76f263042306d88f09d70936496c20c3fd30c83a Loading...

	#17 Eval - c806811b63a60b5bfbce21864b774dca	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash c806811b63a60b5bfbce21864b774dca fad88b8c1c258a20b2371fb5fb21b678c4b3cf9b 9a8ed8730f6e2d90289423a0157d749fb27b9109e4dd260d5ed53466d45698df Loading...

	#18 Eval - 469b37f0c6709f63613ba9a57b6b63c3	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 469b37f0c6709f63613ba9a57b6b63c3 79f213290fcb6e22370fb809c8b655621d0e8299 4900cb8d0dfaec6f4aca2a8b2d77b8e0f8ef89133ff029f119d006504f2040be Loading...

	#19 Eval - 6fe39d4e8df77308d79c9373bccbd8a2	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 6fe39d4e8df77308d79c9373bccbd8a2 281e6a28fcb776dcd48be1ae7640aa68010979f5 5922df093213e2079405eba074bc42e07eea8929d114fd60a2c5855e981137e9 Loading...

	#20 Eval - 8d2662d78af2db8d2e653afc4769bf38	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:12 Last Seen2024-04-17 07:14:12 Times Seen1 Hash 8d2662d78af2db8d2e653afc4769bf38 994d6127f62758c0c32dd69feb96b468d10e1e54 a8906fdf58001d507cc39260e010ab7357d0857fd2525ffa781fe3b91cac16c8 Loading...

	#21 Eval - 04be1b8db6ad85e94a73ca10153f9ce8	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 04be1b8db6ad85e94a73ca10153f9ce8 1da9b8a0c6d4fcad37cf10917ecfdf5d3544be96 4347c68a703bcb75028aae76ba3dab9c9f3fe2cfbca10b0d76d1bc4a3c99b19b Loading...

	#22 Eval - 8afbbdfd2824c8b25a5debc7d146e09c	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 8afbbdfd2824c8b25a5debc7d146e09c ed78be1e5143dd0bacdc01ecb1f0cf8372048289 55b1c3223f3f9e102f596ab096242c2d4f5661ec95d3e586665889694fd460a7 Loading...

	#23 Eval - 320a0e03db28ccecedeb5a98a982a808	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 320a0e03db28ccecedeb5a98a982a808 30b5a4778185b6435d5af3ebf8acb7f5668acaae 37583ed03c5d4805954bcdd6eb379dc8202f2e0d50302b42b3aa6945fd0132d2 Loading...

	#24 Eval - f896ecab6a161615ee53d541dca3b6e3	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash f896ecab6a161615ee53d541dca3b6e3 4419fb8f7f41dd2983548282ec2c75bf55d3753e 543b9ce24be86e0f170505aca82d879a6a63c23ce6ebc943bfa2737c1bac19c6 Loading...

	#25 Eval - 3a9b217ee61f9f53d3a55e941fc1eb07	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 3a9b217ee61f9f53d3a55e941fc1eb07 980ff837a1667b6b8c5bfc3b37dd7cd4140c27bf 291b2a90118ceee4448b42bc8f87047c32b8cf1f206650d2c5c355e4de23be1d Loading...

	#26 Eval - 962b06ea73dff8948aa117d6e6302bdc	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 962b06ea73dff8948aa117d6e6302bdc 4a222c97a0b1c2ee69ce983256303a0b4b94f134 2caead98bb035d56197cee24fd916cc91f57ca55253613d3f7c5696fa461ca35 Loading...

	#27 Eval - 2ca8474901c837e527dde1bcb9c7b852	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 2ca8474901c837e527dde1bcb9c7b852 28e54a43ea5f5538a4ff088d511af94006a2e494 0a1d7d117a50f7635084119117136da657b409962fcd940fa14ea2a9d4c72406 Loading...

	#28 Eval - 40784ef2e894150237d3f22ac91418f6	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 40784ef2e894150237d3f22ac91418f6 96d5ab976b9fbc8d4d35a3145833976d22ed1b4a a2f899f26fca488157b2536b0ff87a00a2e7c32774eb8f8c4ccc943d1f87a1d6 Loading...

	#29 Eval - 1524d8e9ebb505665a46859db70a2dc0	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 1524d8e9ebb505665a46859db70a2dc0 dbb458d8287c1ed88d753b06c1bcc60ac4935bbc 1a9c7b44defbe8c81c6a63a85fce56b4b00a325846a7af6ae3155fd81342caf9 Loading...

	#30 Eval - d542a5c1219325edbe67c1bb3353a250	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash d542a5c1219325edbe67c1bb3353a250 70d2f445af607a3ba753c9f5faeffaae875fc9fa 9be5d039a6ba6521d93d9de33e48d0a3c1e0b51b9df2d3b69bf26e9b6e6fefbb Loading...

	#31 Eval - 76cac87dd1632bffb8ad182d1369e176	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 76cac87dd1632bffb8ad182d1369e176 50965e39f4f244fbdf5192b0bff78efb6ffb0ba0 c8db3cb7f440b6993f58a43c4af438edd490e4cdbc05ab3de752a0a10d19c0bf Loading...

	#32 Eval - d3363207886df19a749d77b1de727ad4	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash d3363207886df19a749d77b1de727ad4 2e5bc0cac5b4b2f71719ee99d7d35215c1ae5186 77df5227cb6a5ac4df42197a1f150475e7399685877644326084bc8b3a1f847a Loading...

	#33 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-30 02:21:15 Times Seen350685 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#34 Eval - 548b3e2dedbee4fb94db82a7d56f29c3	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 548b3e2dedbee4fb94db82a7d56f29c3 5ff4d0beee6cf70dbb14978c9ab4447028fd248f 248ed4f36a58dfd9b1ae76b55acbd3d4066d16f1c47717d221160c2d9c1ffda1 Loading...

	#35 Eval - 6006691be9bfc36713885435b8ff491f	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 6006691be9bfc36713885435b8ff491f 734f79603faaf7a20c1c03663b70568264c0f4bc 5d36fc1a47c94b6f5ec777168a8674c5b1b88fdcf4bfbcc63d92dfc25af2894f Loading...

	#36 Eval - 056c277cd7494ea16f94a64e89d5c249	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 056c277cd7494ea16f94a64e89d5c249 3fe9460045c3187f73ad567ec07e8b5b410a91cf 42c3aa0d019e381a089ebd56390e5b903333b11d3680aafaa88abc086a90262f Loading...

	#37 Eval - 24043737ae2d13001c9d942cd63b911b	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 24043737ae2d13001c9d942cd63b911b 616130da6d83feaa74200cae48c473937edd84f0 8862c4effd6fc547ceb651cd44276cedadb082f630a2a4461b50c8e4f946fd24 Loading...

	#38 Eval - 795a0e563c43b960bec5b20342c50f43	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 795a0e563c43b960bec5b20342c50f43 73ce1df1db208253c52e3ad688d74dd053f3f513 7f0765fa59fa43955e8c28f92260cff84617e98bc5bdc5c01a345f4613f96e97 Loading...

	#39 Eval - 10810d0e4a8188921b1bb87dec53b343	28 B	2024-04-17	2024-04-17
Pretty Observations First Seen2024-04-17 07:14:13 Last Seen2024-04-17 07:14:13 Times Seen1 Hash 10810d0e4a8188921b1bb87dec53b343 73b26390b20fb33e137be2a1bade0085ed8effa2 318f9deea3d886e53c109125b448e006b69de4fdcd1f3febffe921aa6d0b5027 Loading...

HTTP Transactions (15)

URL IP Response Size

jerfm.com/gkvd/hGhk/89098b8e3b63e405ef60f87965cd1e2a/bDWxeV/cGF1bC5oZWlzc0BvbmNvci5jb20=

192.99.71.92

0 B

URL
jerfm.com/gkvd/hGhk/89098b8e3b63e405ef60f87965cd1e2a/bDWxeV/cGF1bC5oZWlzc0BvbmNvci5jb20=
IP
192.99.71.92:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook
OpenPhish	phishing	Office365

HTTP Headers

GET /gkvd/hGhk/89098b8e3b63e405ef60f87965cd1e2a/bDWxeV/cGF1bC5oZWlzc0BvbmNvci5jb20= HTTP/1.1
Host: jerfm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 05:13:46 GMT
Server: Apache
refresh: 0;url=https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com

188.114.97.1

200 OK

63 kB

URL User Request GET HTTP/2
94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subject58598891ef09ac737cee0cf3.workers.dev
FingerprintD0:7E:0D:A9:25:22:78:7A:45:69:2E:89:48:E8:33:A8:4A:15:BD:DF
ValidityFri, 12 Apr 2024 13:36:58 GMT - Thu, 11 Jul 2024 13:36:57 GMT

File type
HTML document, ASCII text, with very long lines (3255), with no line terminators
Size
63 kB (62995 bytes)
Hash
27a21d95b21c86ff67d170a4a775f1d8
1768764bf90726bc090971dbe0fd6eef1477e49d
4b35a01d5d3493c6cc57d5692e65b3a1678c345b3f45057804e5ad94c174e9a9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook
OpenPhish	phishing	Office365

HTTP Headers

GET /?qrc=paul.heiss@oncor.com HTTP/1.1
Host: 94e6f5a7.58598891ef09ac737cee0cf3.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 05:13:46 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BiEpTOiPeuw0jFJscNufjmmnkSdFoylZH7a5b%2BIbhbK8CSSu3fSGNFxYJhoBOYXljgQlgomU3B8piv7RRiTY%2BojurO0QqNRo%2BPkt%2Fe7vYB%2BQhbu137Akikgcw6HDH0K9xsQLGiWAoMP3dbFpA0syNH1LbVa9MjAFiFIRCuyllGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759ed820b5abe5b-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.17.3.184

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 17 Apr 2024 05:13:46 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759ed838b0092ac-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/favicon.ico

188.114.97.1

200 OK

30 kB

URL GET HTTP/3
94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Certificate
IssuerGoogle Trust Services LLC
Subject58598891ef09ac737cee0cf3.workers.dev
FingerprintD0:7E:0D:A9:25:22:78:7A:45:69:2E:89:48:E8:33:A8:4A:15:BD:DF
ValidityFri, 12 Apr 2024 13:36:58 GMT - Thu, 11 Jul 2024 13:36:57 GMT

File type
HTML document, ASCII text, with very long lines (3255), with no line terminators
Size
30 kB (29462 bytes)
Hash
27a21d95b21c86ff67d170a4a775f1d8
1768764bf90726bc090971dbe0fd6eef1477e49d
4b35a01d5d3493c6cc57d5692e65b3a1678c345b3f45057804e5ad94c174e9a9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 94e6f5a7.58598891ef09ac737cee0cf3.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:13:46 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCqYdJqeN2E2LyOrt7O2r6E89JodRfFhqPiSXPRrIFwdV1%2BnA7wrwG77%2FyGaUS1ouZd2%2B7jfZJrvK3KunJsXfmKDBqFqUfJ0yuy5NZfPzaWqxnMnee%2BrTVrZZz1Ejww4%2BNw30RbpvMfps8%2Bt0wGCiB6P6G%2FGOUHgD7hLru7IKXU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759ed83e9688f63-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ed84dbb592d6

104.17.3.184

123 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ed84dbb592d6
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
123 kB (123427 bytes)
Hash
8f5cf7d23449b06ac9f1c91e3e228b5b
7af4ffc46d827cf5508f06fec049dd09cd19e4fc
71ce955ed687757da81abf9515158f3ce1c68370fbdc3970a5edb5c9707f4da0

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ed84dbb592d6 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:13:47 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8759ed85dc8492d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback

104.17.3.184

200 OK

41 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (40613)
Size
41 kB (40614 bytes)
Hash
d1048a66fc11ea28c3cb1488fac82c62
f055707cf91f637ec19bf5e65bf378857e798469
8f1ad19042c2f9ee60c2de21f37f788af7b1ecccda8eec1d877f9b9c0e994370

HTTP Headers

GET /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 05:13:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759ed83eb6292ac-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277

104.17.3.184

200 OK

976 B

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (976), with no line terminators
Size
976 B (976 bytes)
Hash
454639e000dea0184dfc3905e61fa577
c018d542975bdced7f4f1e0f1ae5626f7f7ca86e
740baba6381628735d885041c006ce302a7dd7ce0eb90e3cd9ca2d3b1297af6d

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4bee270640d6277
Content-Length: 36931
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:14:06 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: OlmPJbiR5E6QM1oW+6CWOnAMFx8VUhItA1sEAeWLIR1huY0QvpB4dJKdI4OV4MJMQLy8bW5RHP76Ls6ffyy6gcc84ycU0nUDNgkDOYsjP1o=$zSoUFmrW0aPyc3/5G5dM4w==
cf-chl-out-s: 6rHo0sXRR3OchO8CoG5MdylWl0/FpjrHrHtMwJt4gfk1izE1BLrVGrrSYiPeImdMHc3gKK5bFnlXRw4qtf+NE+xboWSZfgaQ/WGOjM/hIqHDa+oj3wEF9pOTY7mXd/i0RRMkry/T8kaDn1QnWQi/VA==$32As2yvtb9ozSP+BLErd4w==
server: cloudflare
cf-ray: 8759edfd1d2292d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal

104.17.3.184

200 OK

78 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41919)
Size
78 kB (77674 bytes)
Hash
e3cbbb03d15ecd5cbb61e7cd3de5955c
4752786bffb78a3938f7ceaf86c1e42cc835ee3e
70ddf4e9f5072cb3b433d4c925f3bc60279f8c0c7e9bf9e00b8a4f85e7cdbe0c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:14:01 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 8759ede0ebe492d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:14:01 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8759ede15c4592d6-CPH
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277

104.17.3.184

200 OK

23 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22552), with no line terminators
Size
23 kB (22552 bytes)
Hash
8a53ab104082db9afcda794a8dd92047
53ad6b0bfe8f66ecdc75c7a775f89bfce7bb2353
273bac98963bea5785856c07615a111c8cf350fcb1a3fac306d238eb38a1e1a3

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4bee270640d6277
Content-Length: 25147
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:14:03 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: O40WP0bqIFwW25SPmXJ4fvUSyY+9Ivny7GbnEtbnMzHmMSlbn6j4qTT9bGhSAlTi$cERc9mJ7wWFbSehOfC3I5g==
server: cloudflare
cf-ray: 8759edea8cf092d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal

104.17.3.184

200 OK

78 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/?qrc=paul.heiss@oncor.com
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (41919)
Size
78 kB (77654 bytes)
Hash
46ed4af2bb3fe25e2f3082dddbe2e28a
c517ca094dad8b00e62a1c621aa41fecfc3ce862
bcdd19e76ab32c6504bb584994065b25ac46d885997e982c3977142018a865aa

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94e6f5a7.58598891ef09ac737cee0cf3.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:13:47 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 8759ed84dbb592d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ede0ebe492d6

104.17.3.184

200 OK

427 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ede0ebe492d6
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
427 kB (427150 bytes)
Hash
282ad23e175b69dda2e85baf21bd5663
cc7256b9ff209a9cc4777e6bbdbda0b300bb54ba
658a997b9c532092eaa15bcfcf71c4753a7e6637968f27791b0138d8e53f2e51

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8759ede0ebe492d6 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:14:01 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8759ede15c4992d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277

104.17.3.184

200 OK

89 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (88988 bytes)
Hash
60cdbbae6e6c198a91afc60e2c60bcf4
ae1024ab4f790a97c12383189c87703b1856348f
3ef339e365294cbab5f7c260e492f29bd209fd191d419a3a7a38a80c7f0c52d6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/765931253:1713329383:e4PeQJtadabyupLXY-XaRyGbAsgysGxVWVRTb-M0ITg/8759ede0ebe492d6/4bee270640d6277 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4bee270640d6277
Content-Length: 2640
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:14:02 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: TNaN87NA1/ez7z5ckWnVcLULgfsH5dbFgxk/oygq/VZRYXjPtIdxQqCwZ0OU1TM/BeTERSb+QQ3iteAP6DmOF84Y0fmihF4afvr3zPsUb0HzgBSzMm92j47TSbYu7qjFQoBQs8OoXYyPuwHjcA3zyyw4XnFbvTID9NXwpiSrhypMk5jvumdppdDe7zmOJ95/By3eCdoTubyL35nEBhH1jXBNJttGWMNQqcoY0DuOX/edroPGQpiw6m11aTY2aaJMyqfNJpjxNHnmvI7Q2rXsPxwJXBlXdmyYxYIGXNCOe+a1erzqxPGlMM15C0cBnmZcSqEk14dtfrI8gmcY9kn2HVe2Mi7q4rVQSX12w28Ewib+AATh6T63/2BI7+b0sM2B$L2iiqztjLu4x9YE9DYem1A==
server: cloudflare
cf-ray: 8759ede2dda892d6-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8759ede0ebe492d6/1713330842074/FrR3cENSKDnOG_L

104.17.3.184

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8759ede0ebe492d6/1713330842074/FrR3cENSKDnOG_L
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
PNG image data, 67 x 18, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
767c9470c664bbef6e3ae5603ad07fe4
9b46e1833c15ac5ce52f662d20a2c80ebebbc010
1c140ee04aa4ad670fd9195e2c94cfb577eea45bfbccb0699486a48990e257c7

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8759ede0ebe492d6/1713330842074/FrR3cENSKDnOG_L HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:14:02 GMT
content-type: image/png
server: cloudflare
cf-ray: 8759ede5786192d6-CPH
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8759ede0ebe492d6/1713330842074/e4a8dd7a4f7b7f5cc91e31c12822a1004a8499f3d1016be527e1488e89e6225e/u_BKWFFBAMhCiQu

104.17.3.184

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8759ede0ebe492d6/1713330842074/e4a8dd7a4f7b7f5cc91e31c12822a1004a8499f3d1016be527e1488e89e6225e/u_BKWFFBAMhCiQu
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/8759ede0ebe492d6/1713330842074/e4a8dd7a4f7b7f5cc91e31c12822a1004a8499f3d1016be527e1488e89e6225e/u_BKWFFBAMhCiQu HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv1/toL804vmeDYrjlL/r5iod/0x4AAAAAAAW-lbDQI7I0Z-Zf/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Wed, 17 Apr 2024 05:14:02 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g5Kjdek97f1zJHjHBKCKhAEqEmfPRAWvlJ-FIjonmIl4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIOSo3XpPe39cyR4xwSgioQBKhJnz0QFr5SfhSI6J5iJeABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8759ede5d8b092d6-CPH
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash