Report - urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==

Report Overview

Visited public
2025-07-02 23:21:15
Tags
microsoft phishing suspicious tycoon
Submit Tags
URL
urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Finishing URL
urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
IP / ASN
172.67.167.146
#13335 CLOUDFLARENET
Title
Login Securely For Account
Phishing - Microsoft
Suspicious - Anti-debugging code
Phishing - Tycoon Phishing Kit

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-07-02	2.3 kB	247 kB	104.17.24.14
get.geojs.io	17418	2017-02-18	2017-03-30	2025-06-26	986 B	2.4 kB	104.26.1.100
urguc4.msyoxvxe.es	unknown	unknown	2025-06-27	2025-06-27	41 kB	976 kB	104.21.57.248
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-07-02	7.2 kB	611 kB	104.18.95.41
ivm2.igzyhagplqy.es	unknown	unknown	2025-07-02	2025-07-02	456 B	570 B	172.67.150.13
ok4static.oktacdn.com	16592	2014-11-11	2018-06-15	2025-07-02	2.0 kB	268 kB	3.167.2.64
code.jquery.com	634	2005-12-10	2012-05-21	2025-07-02	1.3 kB	270 kB	151.101.2.137
github.com	1423	2007-10-09	2016-07-13	2025-07-02	457 B	15 kB	140.82.121.4
c0uotj6ityvtop79ov0nlxajnrfxse5g1ylv7f1uo6ynefwzrvqw.wxthhsjidr.es	unknown	unknown	2025-07-02	2025-07-02	656 B	1.2 kB	188.114.97.1
aadcdn.msauth.net	1421	2018-10-25	2018-11-19	2025-06-26	506 B	2.6 kB	13.107.246.67
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-07-02	449 B	5.5 kB	151.101.129.229
objects.githubusercontent.com	134060	2014-02-06	2021-11-01	2025-07-02	893 B	11 kB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-07-02 23:20:57	medium	Client IP	104.26.1.100	ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-02	medium	igzyhagplqy.es	Sinkholed

ThreatFox

No alerts detected

JavaScript (170)

	URL	From	Size	First Seen	Last Seen
	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	4.3 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash d23d531410ab892e3e971377002061ba 6456c60c09ee1e6b4f41c36fdee641e3714c4e31 536b190d968200f644bfe9b8bb5ec74babff04fd6b3b15e57af6f21a29c9be38 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 2291f64670e2af2c3be8e8b483acb968 b865756d78be144f61ac9a262c14401d503205bf 38fab1d8d7658f63895d409007c6e2ff7f9392852606d591125119c85f9d8028 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 92d1b38296301ba9bb03a1ed287f7ba7 1f4796ad751614d77201b6c72af10b117576253e a66b6ac4f3062120385c14b0ef523cee2d6cb4c8044fd17af484e206a4c8effa Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	Eval	1.7 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9f162eb1f4b24445b2eaafa30a112ef6 dbb929dd492969a86798956fe892643f32a22ac6 4cdd791633261c5323f42351745d3c33b9beca223743e70fc8bf2bbe8fd2c9c6 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 466ec734fa5332cb6c07c217612040d3 1fab2cca8a5a3de8d188520b8699bb94575e2868 2c1924e705f411b3e5ecd51c7bae8a77a580305644df8149c691162dc6963487 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash b2f026ae615c37ef4b5e38425a7ad8a8 e6d412da5bcdfcc693cede3a3173c6d6a2c2f03a 747bfaa4f99838859c3e2e2c6a546612d4c7af278211b06e787abb62d4469153 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 58f7a74ffd8745e0518eb7fc086ea6ff 90deb5b3cac12a9ca244a6c71d385ebf0b048272 e5895c56d46e843cb8e9cf0ff9a8cc39f27d21a2f47bd9a751cc2784bae6cb3f Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	3.1 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 09a959167b2d5040fc6a1e924e379232 2ed8280a010d1c0b3bdd33d3fed17df963727652 808485db754f884ff9e36553b23ff002ec9572c6695c4c20dd919fdd76eb1928 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 39413c4551ef430759f58783091cc088 544cebbedbfe981040e27425dc215dbd1e40a18e 9eea57c740d08898f0d2eb315de97b33f3114d3c6b70d28141286fd5d089430d Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 913e6380c82d9c1104411c6501cdd836 96b41a1382e835eec9c64cc710fa2328089303a1 ad6f025379ea57eb68b2ce721b75a51dced719bc0e958749d4ee49cb4c991a59 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 3ebfcbed16317be13093d6b04a948a94 d2238024392ae5138f0521f0213f139aea9ef5ef 3aba539671bd3f1d034b40a204b101d82a0197551d72084cb4fc37fe20c67c7f Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 6cfcf94671e6f10ab16ecc0044db036c 19d7dee6879375914a36d6ca287bd7d9fbbc2020 8e0c6f6d03c18e963e6c883d4db83e1b78d791f1a7a542aefe1e1b91a4eecb1f Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 926bd5a04607c81d670e4b32038299f0 9d8f567d4dc9f979c2dc24e4d67f402879eb8d01 68290a35dc1219d617c285d9dafde75ddf33af340ac390631bed824d9e258419 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 8ea4114a0d1971bb00b4a6b9f2622600 18cfcc1e9d4d5cfa874fb5c6bab0624192447f5d 0c1194c8df69d5a875d45d6ff276ab583e80a0f38d4dddc861f8012a0b92628b Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 643480fe0d7282a257d53dc2cc102711 96d490ac7c912757876b30bb564624347f8f89ba 426df3cf3790725ebbc8a1708dc5152a3b29d9038fb6423285283b67a3a0adde Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash baba0fe1f36c43df8c4dc8efcf6b337f c88e3ff6584744fe228cf368af7fba32bd8d6809 2270b318aa00351751be39804972ade1059f69d998f556930baa09c488359d35 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 1c0d2b6405ad1e7487e7e8a927df182a 06a4b9c85f18a2e7a0dc822bc974a4e536769dee db83ec7c947fd7a316a7bf1dfcf2398ae8b0367193e1a3baf903b28fb33c84b7 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	16 B	2024-12-12	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-13 05:12 Times Seen43218 Hash ca897fb253cc8807c5aafc947eb02fb6 25137d68712ada7d3ad424c80bc0d688a696f7bb 57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 8147cd20ead9a8c013085ebae06de903 c737046cf66e77ffaf5d6631e200c7306da05cd0 7caa29c9d6e1300dc329b606907b33c3b724ccd9877074e41531e9683e397add Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 5b57ea5e42e4f6fb25925a140c359295 ce8f0c2e921003abcb8b3d9bb8c3b8e8e2cb50cf 37a7ae148093dedb756f3186042ec3f02227931915d90da39a330f7760faeaa1 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	Eval	1.0 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 878ead9711ec9c2b3d96510568b8ed51 9244e1f37bba8e56e05d41a8d3696cb38cd67f32 9087fb3245e4779c738673f253932687037959ffcf2ac13d7f968a94d297ce4f Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	ScriptElement	49 kB	2025-07-02	2025-07-03
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 11:10 Last Seen2025-07-03 19:36 Times Seen3319 Hash 31ef18c7aa69a5a102364b7938216a12 a3398313b19b1b9c2c929b420c01df000f5d4c6a e35158744fc010eb2219015a6171d7b955674a9f7e11a0d0013e803009454efe Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 7ce01473be86c0ed59a643ab02ade605 6f55f07c2102afca205e1beae845533ddfa8658d a16151990679003b13c277c99560453165dd383a35997258618f7f18790a1659 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 1af218aa4facd6e570b16b4ac8013923 e2e784aac38fd8686acb4cdf17f3c6e4410a1df6 516d8bcfcfc911f965519603b1f5ef2d5688516660a204c58fd338560f847385 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 8786bc98b197e66aa0151967e788fb66 8d6a623846a6f26e22de543206343ca41ef6bfc0 9bff5d75677abf6bdbe220e0d7700ac5eaf0468b5b4036f5e1605116b4e1a978 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9ba09a29b47835d06e0800055854a1bf 62a426df45097722094528ed1f160bc73bda75c0 a1d709d22d5ba6bdf2d42c5a09f6334b95c55738283f6f3adebb040564d86cc2 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 7155263171a0c9ce40d1cd6e9171679c 7815a3e9bbc6c1da6da0eb7ac533a34b29246a44 b32aeda5c540cf52f9ebaa168269d123a0c81f366c490f9e219ff369e0fd75a7 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 7fbcb0c4ae9f1be9f6cb991d46d2f56a 8a01ff7f0a22d1f029d1d32bef8d27e8b067b19a 1f14844b76bc46300cfbd1f66ec8b7645d4c55f207abbce4dd71b6f85486830b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 7f3dc0bc4c03e91a8f2ddd8090be65ff a0dbd8c2e98da72cd6a1756f532d28238f48691a e5266b326543b05ca6311f5144441b3e24372a0e167efb85599ee34ce92a3a13 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9297eed5a6c51ea8a17b540372bfd478 072d3638ebc162bfea5ade70ebe51c9eb3a3e453 3cc493c4b7230aceccfeffaa032715baa9c7f291e5b0664fe865d32a91cbdd6f Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 22eb6377546defcb77c01ad8fbbb7bac 1eb1d08f07f8f8cc6d19c8313881015fcff77930 95789d6e943abf09ec75af62c9658b37f191ea8154b9bd21884183e1d026d40d Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash bcdf3ad306518dfd7e29ca891df99962 11411a674bc5286683648ffabd99ee2bcbe0c72a 575ac8a77e94c9eff151bf8f12e44900795c4b5bb75e03ad6a308b8cec29c2e7 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	729 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 0dce71272d0597cd3a89523829f3c3b6 7426ef090b03f74b07b11b12b477377176585f20 b04d3c5dbf3c91e9803a99a8e5977785b1153bb0d81d62fad734f94db02aee83 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 2b6d8662f3924aeb1d9df90b6d7afbd8 d76f4b495336547776961c665f7d03216440bd89 05b976fcdad75e3ec55f7a6eaf30651051cadaf22abac70fc55d9b7c366c783d Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	Eval	14 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 3c6e632ca8ff577dc6b66d82dfe2210d 452ce20b8837ae63975f308bbf544943602e6ca7 865f4bd2ef576c666cf9c5df9288934f438d3589ba3381e02c03a50dce4b680c Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	Eval	161 kB	2025-07-01	2025-07-11
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-01 22:37 Last Seen2025-07-11 21:20 Times Seen2050 Hash 246a17b02eca9e796dc1686ff46cc210 452feb09134522b65698f87435e4500c74f1f060 e8d31a577ad4912058d93c4e88059438576e0ecf36fc1fe2e46ed3004c87aa3c Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash b1076e36c02f4d3e03bf645372602de9 267bb9318de0176f4b60ae3ce5d616b3c3478707 6942ea481219ed1f7edcea2ab783566358e95638e1e9b6a802fa93371def2ef4 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 4c53a56914a6253851e0c09c18cb9fa3 64f33ef1b717e0aedd3328be56a765ce72e14590 700881513b9ed1a94d5a282cf6dc2652a4eabfbef3cb2881f68b873f949521b8 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash a13cc1912ca49e84ae2d84ef83afbae5 8dd9141d7b393771c98cd9947b660a9f05bf2f53 415b8d22ef44395197c29551ed372847a74fd9f82ecd9e4a8e8274d9f1292911 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	87 B	2025-06-07	2025-07-12
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-06-07 11:38 Last Seen2025-07-12 07:23 Times Seen452 Hash 2348bd774af03feee921ee42e118150f 89846ff606fd75734a2d64baa3d7b6f7adda073a 5f2d3e535ccec730ea49a5c1ce841b81fe5cdf1642ea3935d114a2bb0f02b365 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	Function	1.8 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 18822021f519807cf50e71842e0fd65f 2c6d1fd81f271289ca5de7a637c147aabf0cfe87 4667fcf88b93aed73029cfc162a91cffd3773f75fe9c787b2c166fec61b01a4a Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 41a0eb0a18f267be25a492fb4720c589 b94a77129d9d2eb6baf930f973b35b5b24112788 000520a6dec10b70df9ed9417fc210f2c037cf5a8148601d2c9b1bf621a1c568 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 987555597acc7eec652c38d2a392925d c13ee9c69f383b8b1c1ac14b211a80329ee02472 a511e5d13b8d67ee6af21bc84da27df22d0f071e3682e02614b31b39356af3c9 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash f3f14612d1355327309c813b63836680 5cdee34bc7f30346d4b4e277aebd9a877a4285ac 89884bd6c547888317ac4ff94a8e75c50c7dfb7e924ac199aba87bc2f4d0259e Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 6350edc22664308d2b5d2db8aedd3a18 d3418fdba323f3007bcf7c9b060237016f34a249 3880400403eb6cecabbc1388c3b380cf091251727dcc635a943671116bc1bb00 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 04295e751253cef6e0f603c464af23b4 90df24e0e6cecb21b222f99eeb75f1a207ff7c0b 591ab8daef1174be769dedda912a4fb21be21543a5a675b1739faf5e3453539b Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash f5bbf15f88a55dbc82b5429edb1bc26f 4d781e90e21da3c79d7f1752add4be1caedc98ed d95de3dca7f34957e029a65d68cff966b9aeea3fe2d42097bccdb47c23f41679 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	ScriptElement	3.2 kB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 126dad6f933a6747fe30a5449586aeb0 c509d71f5f87b83b10bd98a4380e546c72c126c2 e70f62dbc9abe356053b48ea36f6777f10319ae0d386530e0916f48332205ecb Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash b2d11cfda4db27c9381fbb584e240022 b9589e8daa27ca06e2300f68c3bbb1ef9cae3343 0fe1c1fcc0c3c8614d230fce4b67008db97cdbbd6e3d607e5a3a0b12fe5b7c1b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash a3001be279040dcaa99d87a085c7ce53 69bf838beb9a59458d9ab4ca60999d955e1dee12 11435882b8d199020f4c0bb61eeffc64414527d13f7a2b652433987bde6810d8 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash dd927aea09c3a700d02a196b77cc320f 2c9f810cd638f8777c270566cbd75f8012dac78e 55aac28fb3e3d02565795f8b8dee4547467b8e7fc39961067a69f44dd305d9db Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-07-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-13 05:12 Times Seen114988 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	Eval	32 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 754c14aae4c32cddd94f0405f63ab5aa 3917dc1eadd97b4e137d710673274e2893091b79 54ea6c5128a9bebc5af3d114b1c12f6961d3a5ce02db28c4cc07bc68a55d8614 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 688d13ab4f2293dc4b0cdd393ec2bce4 c106dae7e5c240bc8d3894bbac18494ce534a77e 7f80d7b4aa4696dd54075a4771e628db0c19ea4fb1a26aa89852ad777bf95e9c Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	4.7 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash e5e85104e0e425fe4ec0bb2a478e1086 d98aeb82640f9b664f34a6529305dce2680c30cd 67080df2a7763ddb4ba3c0bc12d394491abcaa789b244d45e26e678c3b317b04 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 22:43 Last Seen2025-07-02 23:21 Times Seen5 Hash 365bcae09ead38ee65a20b1123ef542e e75d152a7d25c11a9561a467887bcf73d1ef406c a7ff757dd141d87889da530c38ae276a58e8a2236cee4f87a2aaa254bd0d3386 Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-07-13
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-13 05:26 Times Seen242047 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	4.4 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9b6138c12723dd1672efec851a698ab8 09f213472910c16b3550a044f938de60c45a5c4d 7a437cb1e02d628d8653b522e245a06b5dcf1e12b34c3c3ab67f54e0f1a9bad5 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	Eval	1.7 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9f162eb1f4b24445b2eaafa30a112ef6 dbb929dd492969a86798956fe892643f32a22ac6 4cdd791633261c5323f42351745d3c33b9beca223743e70fc8bf2bbe8fd2c9c6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-07-13 05:22 Times Seen38341 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/34Q19i8A19ppvgX4rjgvtxCTLeijhMXkDB1KYWQe67110	ScriptElement	292 kB	2025-07-01	2025-07-11
Pretty URL urguc4.msyoxvxe.es/34Q19i8A19ppvgX4rjgvtxCTLeijhMXkDB1KYWQe67110 IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-01 22:37 Last Seen2025-07-11 21:20 Times Seen2062 Hash 04c1251bae5a4681ad29e5f0846a0ee2 6bd282d27792a21ab43f6210efffabce36c03b07 265d88c373a1f0711c817a8460c9a78512c040047f5ffcb22f380024a629f83a Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9036d9941e6770a2e5591fa17f3e5ec9 699cd868d206cb39cbdd0368b649479d3b2edf61 af4d222dfb764ec0b898ceffab75c52d851b43db1fb34360f1d1970e6614de31 Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-07-13
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-13 05:26 Times Seen242047 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-07-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-13 05:12 Times Seen114988 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 957bc4753745ca6f200b22dfeb9ea7ff 1ed9ce4f9d4d5cad40f24153515e87efc01cb9da 9db8211be846f35709a972250607c20e8dc63351775f26ed61405b087d49f590 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 09622b6bf9b73435a17c8dafac1f3b92 4881fe0594e1607f4f1ea5002e376b1b4f8f7805 2ed84c5f234fc8caf98dfc595bdb0cb357e8785e7e6fed71c91c9f439646d9f6 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 84689a56dfd8e64cb0b493bfe3b2d52d 3385eaa61b976cb3fd1504d351c3ce332f797c9d e0286a355db475c9c74eab21507fb04542c829811ffa84e627900558892d9306 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 050ec0986231384e122aa6b9cc75f496 13350db191cb873a585ab7c3025edcccb7fbd30c 5c915ae0bd119b11996b17cc54b3c27e7606563b5cc9eaf6c563ea216bfb6d73 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 511ead283eb07a0c8929be60f27365e9 dd0b6248d51e33a44a23ebac76cdbb4ce7b011cd ac4f84dcf3f1db71ab427d98d4a0a8ebceec506a54f32b4eefd73d0be9bc67a1 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-13 05:12 Times Seen43506 Hash ff03fc8f0c3179fb4dcf4389f88a1c16 05ff911d7ddf2d7c14b4316a87fd08f42c618f9f 025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 94da8095439cb96048b3f439b3d69916 1024e80600d93c96d238f6c671ac15f1e7eef09f c5184b0cb0be6c5708e5662a4cbff3b1b81fc113ff0d2b11c9696e03d9f435cf Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 74a4e48f623e4b19989aee31530c36ba 0ae282bcaa2cc913eca6c54eca22d6d31603b901 b43c65dd72d61fbe83a5e71e5cbfbc19a84fa885df79691b618a51120448131d Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-07-13 05:22 Times Seen38341 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 83ac1a74a08316494fc446abf74e7abe 3b90ea8d212d3ea35373c47dac35a38b3be74085 27996df937cf1cde6499b9c777742dc81c6dbafd0ac7e544fd2227195f293c0e Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash b91e1fae1727e96ab88d154dae8bd482 7e5caf60aaeceb149f89328f38b348a6cff2599c 73303867cc1c8896683382b37767f35e9f1817c872e8b5c3280dc933aafa8e90 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash ba87a4cacde201c289d892027297d6b3 7bf580a5ab7a94badea5c54166b8fc41b2464772 20324bf11f89122645759afee230b3128cc288aea43ac9e71ffd8f745f7fcaec Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash f21b0fe5077e0451eda0bb0a18fcec5a f6951600f9b99775571197a47d4a5c406ab1bbc3 82e5f628cffbff99ec76df47ed49af1499de08f6089117a5f1d275136ba97de7 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9591dfe2998b569f&lang=auto	ScriptElement	141 kB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9591dfe2998b569f&lang=auto IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 69af85dc973410a07c63ed95d69e7a22 33d12207b86c956b296b709680263855a528d59f 154eca8e73bf4c661ef5ab05534686804539e1271da6f9fa035dfbcfe58ef467 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 650eed94a7d13eae0177c923f70ccb02 e535f14ab3ca6688e03e1551cf677f9d05d81287 4fcb51c9580ad6c4f31d2af7f8a4d5b5558dded7a2d09f07022acce7cfce3db9 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 93bd6a02f08021bed21258edb65173e7 387309c2c8fa6604bdc8884a2341f07a06b3f9a6 5659a82fb0deabe1f84c7d145db4552e9613224e019b1c666bc3a619c76443c6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash a2205a69ca4e53ef2e157f4063a86a86 6450f623e96f2e75b8579751db92c7bbca81587f b6a6ce2dfb3fca4b2dd7520b61ba441169e6ee4fccf7a97e79f31e10060cfa4c Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash c03cc743f3339c34e6da4530c7180f88 ca1a722fbc33c8c93bd7e5036913d2ab2ed3293b 47825cc60797e15f71bc5d0d4a84829b38038553c6cb577f294454a4cf1c9d21 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash cea0395c317f230bc26175e875e424fb bc6860a1393b2fccfdd5d399b8a22300b2b7f5dd 913b7cb20914dbbf8207095e3c4aae020f7d85327b4d950b7e86c9f8b627f193 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash ebd0cfe498ae1436c8a0dc07482e3d5d 0c328a8fdf04ee5960a1ce763b4163cec7d4229b e22052d5bde5c3fba580190ee4b0ee893839ecf1047382237182eb95bfcdfad1 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash a6c67b0632855d028cbdebc0622ab2ab 52395ca15aee49766d9493711e19c734e7571226 a99d7506a58752f658b07826261d2df957afa6fa664acf2c7ebad47c1d7b0e7f Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash d7e38001a1c5675d803687246d67e053 3e86103893bdfc994fea11b986d05fd1bd226936 ce1aa5e01f4b802e3bc3ae547e032743200c0053d95998ba7b72f434b02f5a2b Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash da35dc948b541f673306674a519228db c51cb8f6445c07fa23a693f11a84b7b783c29ba3 efa69b7dfb9b3eca25957e057625d3db83dd5f55b41352b7db717f812430a0ee Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-07-13
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-13 05:26 Times Seen242047 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	1.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 3288fa1b1b6d098fcec56075141c43eb 734ecdce294d10c1606a4db6230c220501cccc8e dd558b2b0f0528181e164381fc25c7cc512bbbb000a383e631520f2b8e6f5ab1 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash b1ffab4925845a779ae2f8bf4bf87e6c d9ff640a094be13747d1f716c3d8b3604e726332 ee769f44ccefbdbd0d26266e137b1371870070a56c6e2a5508783c2cdead3f78 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	Eval	1.6 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 8c90034c6ac88501454313a361d71e72 5436aa05f0dcbbb2613d28fbe872a93ca70055dd f9ef28954c795a945f3013ef97f81645ef8a27d08df0aa11d45bf28f4d2c06f4 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 12a9c58cb55caafc2a0db066518a81f2 e96fae0fb686c7da0857b6a749f5cb618549e5b2 9639452b92b71ead6fc147f508eb7a2983d74723066c5c3dfd6de66bfc7a1282 Loading...

	cdn.jsdelivr.net/npm/lz-string@1.4.4/libs/lz-string.min.js	ScriptElement	4.7 kB	2023-03-07	2025-07-13
Pretty URL cdn.jsdelivr.net/npm/lz-string@1.4.4/libs/lz-string.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-07-13 01:21 Times Seen6606 Hash 109c13d75d0b6fc6440d3e98f803d396 b69e7073bc2c1bc9a57aada4c73799d182ef8368 9d1a0ef07a2ea5faa8cd4afb60a0518075e6771e341e5ff4e0e481cefedeecbf Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash bd688e6cc3b93507bd8f93400fe82b18 fde9e74de7c25780d940a5cc017b5cbee2a0bc93 7e02a7b23db0204fd6d765719a667463069ad6cd30bf6326fdbb8426daf823f7 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash fabb8a3a49c4b997480b330e4bf7a723 7fb8561422ccb8418ebc7121a642a8778d238eaa 846c7f11d47b3a1ec9cd225d1722ca132d19681d55068f5bb4cfe29d944444a9 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash ca771f4d79a1a9c81f88bea45a23917e 11574ce8d939729c175d56a9f8e4c730b6829dc6 8af5a0de29d1fffca9fae5841e6f80522d9e03466c722a3346c3984862c93e0b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash ce1c2e98b2a94e6bb7d5642ab13fe74e c020bb292fc7ee71aaf0334b3ff2bcd28fa0bb35 e8b5144d4a47fd7beef793b77031049730a66f587017e067b22e4f1a220af94f Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash a5ff57f0480ea88b4718e09296d04490 bc007d7567eff9c1ca5818fbe840970089ba48e0 0849b6512272bdeb8ea7880e23387bd52a3f13273e3b957248247329a0cc4e89 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 746ea3333d1e93fa30c496ef4ddf38da f0a35c77cde4283a20df14db4a2e5a908684c751 b79df90dfe43f64f194f82e852ecfcb8a571a936ab2fe6388ec82ccafc906121 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 844b88b1a1f93eade31bf8ea4b4c1c5d 37fe100a50723ea1d62cc92d90e603aa4c03abb0 94dea81a86c931486b7e9fc943fc5703e547cba7defbb300b7997da5ec26a9a0 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	Eval	152 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 704eb768462c261f9d4a4c27ec03fc47 9aa7fd23f10c49820109801e1402064678e97f39 f43499ed4ab4f8dac7e3d2f1ecef098a2bba17ea50c2d521d1f926430358ec6d Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 8d3998fef715e640d651431af2c1714c b0e9cdc89ab15e7de472d65e78e6c0667b900827 9d589b8742346dd53e8fb03625d287cb8518a8b58600a7c522a0e55a37f68a91 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-13 05:12 Times Seen43720 Hash 33ff6022e88df59f8dfc9eb546435e9c 7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4 a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash c4570b647ee34826046e6decba9d8d0a c210fb65785fbc1200a00fdfa1e3dcdde0d76fcb 6729b2c73521f8493bcdab7e0dcb3c08feed6697bdd41b86fb84c2f97b7dfc57 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash a00c97a92a0b4348fed3da6d88c1ed06 dda99fe70ca267611799f015ae80ace93a5ae763 e6585862cddce8cfbd0e5284951550c5058e4e494c29f90c302e07bed7292910 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 6b1750b90f7dd815ab3b915f79f47aae f407074efef2c99b73788f24beb596d76f2733f5 057fcd4d30e4a08de3332428a3ca833b2c077287139dfcbc3110042fcd83db82 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash c5638252f5c4814ee31ad4b20bc5cd5c 69733ba36729c307961b066a68fe63fd3560bc2c 28c172011eb9aed8b8b5d6ebcd5ff42b3bc9a642d79b4e6d0b4f804b48c034a9 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 8589eebea7c1141989b591398c358f58 45db2dfd0f0395953841d656218531add4167c27 e4fcc08a18e5db2b9af2aa791b7ca404868e85a7cd60ea9c87b83be30adf4b25 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash c1b8f1e3969918fb22f0890facbd777b f0417128bdd63ddf0210f0d4a6d7c860b819dc3f b0bdc9c448286a6a20154ccc4c740e39b9ba136e6c69903e296ddda3d8fea1a2 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	2.9 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash e9bf8e9aaf906f59a516012a855f8c07 c0d318ab3c151943c4bcf7579601a4d0963f1a7a 55ac0fef88f09444458ada28941d9ea6773ae22ed5e37ab544d870509734fbda Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 84707547adec389de92eb0b78d0cac48 5e41cd3857258a15994ec3fe2d1ed225450c3fc4 a26f582c5517c442cda74e4cc6021e3f24e2ec09e757bf532c6b171d7403e54d Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 988b8b76a6a75a99d6c9bf76666f207c fae578db92ce6b428817c3e075fca4cf71658b64 34a5de73fa455b02a5584702d4f7ee3d268b31abb872a5cf4fd86583eaaff393 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	3.4 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash cb8062b9cafc1a0bec785e78dbca68ec 76d3faeef493963424f9c135f02c1eb56573cf06 aa11c6869ce0d7fe78ab0e52f904249d656c5220a07ddf7d7c39088530e762e6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	94 B	2024-12-12	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-07-13 05:12 Times Seen43183 Hash f47389d2f1abd47dbebeef3e2d3ae8a7 dde5aa75f9a647e73d3e2d3fdda68898f850f72d 30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 72512d2cfc21c3066734e1acd858bf89 3d94263d50facc2a9472a7efd8809af14c385f71 27b12710105560854d5348f6f99844eb8df3b06b5f0645ba676fbc2e5b35cb8a Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	2.4 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 913c53111439f6652733f9a68966e79f 02e59ba69afea5ea222dce2f9985dc1aec0fd972 60c9d558d0db1d52a08664df4dd975cbf0b287bff7dd175a8db530d12a61a8f8 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-07-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-13 05:12 Times Seen114988 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9dc26f77fefbaf2ee42b5db7e2ec6069 2c9131b3ad8569660e890614a915f4e50ccf91c6 28567b82910f55fc304003425c8ccee486bd3864313fdcdd6f9a6903658e7c67 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	61 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 1fa551ac7965fa98f4bb99732bbb3b5c 78eadda06f1afda68b25ba30349cb2872d48b125 7c436ea3d1e8d2de4b0d030ad135640024a1ed9d773b3e096e656e7d4fe04137 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	60 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash e0072715da16a927bba2d0fa7ab240a2 0316a2d60088e83eb63068c2d764d861ce1c93c7 2ca3d8ecc953d6dfdae3ed4f48458e4da4f40d8875eaa3a92ad24a074df5880f Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	60 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 3f8c12b27512938f063c413cdd1ee319 d88eea3879c07ae284dda6bcb21748b28ac2ecab 0b885a00e6d990110416bf76df8476321e2f766b446639208e8f9adf0a4192af Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	105 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash a767136b664dad357bbd1af5522af792 cc7f77cfde89d7cd1c312bbea23504f92752d50d bbc2352610b828f4dd115b590edf9dd5158787b2d7e1cd0821dbf3e0f39e48f0 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-07-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-13 05:12 Times Seen114988 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 59d4e2076a032bba990c73b43dd57fe8 b7148eda7c0e5df546148fa7e3de093fc57df4f5 bae07a5cd8e4cb6a6df36c794c898fafbbcefee8387e0058b3259861b029d657 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 7bd227eb288213e6cdfc5d50a6b12de2 8ed6141790b379a549a8a9661cf4caebae59eebd 2bfddffa833aac365ef438a586581dd0c74d66bf9ba3e7263bd9c17b5408d5ea Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==	ScriptElement	785 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 49684b81e51863c51fab86a6dddcab75 dca118eceb703b516fb49c12f2d9cf34a0717939 1440b639147ab78b795384bca4d846d5142a5f7506a9f9c71bfa1dc617fa7dde Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-07-02	2025-07-02
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash b09704e6d9ae090ac5ec5376c20b39b4 8ae1998de119759693812561fe576c91cd71e587 45c80654c6963b751032d3ede307abb16782410442d293ab4cf8612d7c732645 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	7.5 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 796516a6cab288e6597859a04aaf3f4d 7139bb17bd0e012f4772404c70c9136d6d512fbc 786c6c702f15135e84c06cbc232d5debe64dc541ca9a4d984f1fc95b4adb72ec Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	158 B	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash c6f3bfe9657eeade1a11fe1d96b90dab bb9070faa5482b2e1e4d536d10589cb07d801e3a 87a80fab75e8758f8e202c6b8aa625134b40aa819da1fddc558f6277860cbd88 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	ScriptElement	1.8 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash f9bb1e4f0701e2741aee5960fb899f72 3ef71affcda80cbef6ac2e00eb0b170cf9f58c62 9cec429968e62d620c913c5b5acf2002518ed8f8626ee95ca4b93ef06cfe7181 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-07-13
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-13 05:12 Times Seen114988 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js	ScriptElement	10 kB	2024-05-30	2025-07-13
Pretty URL github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js IP 140.82.121.4 ASN #36459 GITHUB Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-30 22:56 Last Seen2025-07-13 01:21 Times Seen28626 Hash 6c20a2be8ba900bc0a7118893a2b1072 ff7766fde1f33882c6e1c481ceed6f6588ea764c b1c42acd0288c435e95e00332476781532ed002cac6f3dcee9110ced30b31500 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	Eval	215 kB	2025-07-01	2025-07-11
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-01 22:37 Last Seen2025-07-11 21:20 Times Seen2050 Hash b7b14d83464b00c2e24ff25c92cabed6 65bf117f3c9907531980b92f2adc423922230dc5 a4659aff267c29499a6083923c3ead5738be9a423323abc2a9cfe0a8231c3bbf Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-13
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:22 Times Seen414101 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en	Eval	1.7 kB	2025-07-02	2025-07-02
Pretty URL urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en IP 104.21.57.248 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 9f162eb1f4b24445b2eaafa30a112ef6 dbb929dd492969a86798956fe892643f32a22ac6 4cdd791633261c5323f42351745d3c33b9beca223743e70fc8bf2bbe8fd2c9c6 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8183b8fc407b7e0925eaeb95a969e89c	111 kB	2025-07-02 23:21	2025-07-02 23:21
Pretty Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash 8183b8fc407b7e0925eaeb95a969e89c 103b6dfc8e678ac869fa73a8cec9f1108f815185 d07708dfdcdc2a0d16d0223ca7b66a9eefb6100b43c408c6030d997bcdb502d8 Loading...

	#2 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-07-13 05:25
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-13 05:25 Times Seen102406 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

	#3 Write - d0dd7ce1872860c33d3675b4fd891e35	7.1 kB	2025-07-02 23:21	2025-07-02 23:21
Pretty Observations First Seen2025-07-02 23:21 Last Seen2025-07-02 23:21 Times Seen1 Hash d0dd7ce1872860c33d3675b4fd891e35 82f0a18e8553260be9fc0e0d19e31627861a72af 7afd216440a351e7489b8e6db83f8b7b24ef0202424d7fe8feb21a4c9a5d1a8b Loading...

HTTP Transactions (61)

URL IP Response Size

GET urguc4.msyoxvxe.es/34Q19i8A19ppvgX4rjgvtxCTLeijhMXkDB1KYWQe67110

104.21.57.248

200 OK

292 kB

URL GET
urguc4.msyoxvxe.es/34Q19i8A19ppvgX4rjgvtxCTLeijhMXkDB1KYWQe67110
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
292 kB (292204 bytes)
Hash
04c1251bae5a4681ad29e5f0846a0ee2
6bd282d27792a21ab43f6210efffabce36c03b07
265d88c373a1f0711c817a8460c9a78512c040047f5ffcb22f380024a629f83a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /34Q19i8A19ppvgX4rjgvtxCTLeijhMXkDB1KYWQe67110 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:59 GMT
content-type: application/javascript
cf-ray: 9591e0631c85712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="34Q19i8A19ppvgX4rjgvtxCTLeijhMXkDB1KYWQe67110"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yJuH9urf7ScGb84cmBIIf36i2jyWCbAE6QCaduyguL9QOVc9QSuYNVJnngZw5QiVKA99MOuvjQQ%2FIKaOk3eq57GlTl0ClyJkVXA%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1733&min_rtt=0&rtt_var=1013&sent=514&recv=164&lost=4&retrans=4&sent_bytes=568187&recv_bytes=40194&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=24915&inflight_dur=466&x=40"

GET challenges.cloudflare.com/turnstile/v0/g/5f8a20c0c87c/api.js

104.18.95.41

200 OK

49 kB

URL GET
challenges.cloudflare.com/turnstile/v0/g/5f8a20c0c87c/api.js
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (48827)
Size
49 kB (48828 bytes)
Hash
31ef18c7aa69a5a102364b7938216a12
a3398313b19b1b9c2c929b420c01df000f5d4c6a
e35158744fc010eb2219015a6171d7b955674a9f7e11a0d0013e803009454efe

HTTP Headers

GET /turnstile/v0/g/5f8a20c0c87c/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:20:34 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Jun 2025 17:30:47 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 9591dfe0d8450b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ivm2.igzyhagplqy.es/kanjari@rjpof

172.67.150.13

200 OK

1 B

URL GET
ivm2.igzyhagplqy.es/kanjari@rjpof
IP
172.67.150.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectigzyhagplqy.es
Fingerprint44:50:39:A8:CB:5D:27:05:6A:38:3C:12:DE:9D:97:6D:3D:B6:76:E1
ValidityTue, 03 Jun 2025 23:14:26 GMT - Tue, 02 Sep 2025 00:12:47 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /kanjari@rjpof HTTP/1.1
Host: ivm2.igzyhagplqy.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:20:51 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
access-control-allow-origin: *
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SX1MFjX1rXillJjZLsmDwE7Iz4pSB44gdp3kvQnV%2F21UlL88rXHScirKKbplPXnBLfZwj5%2FWpRLbuINsdt58BoNA8SA8pkqeUX2NkURjNYdV"}]}
content-encoding: br
cf-ray: 9591e044ec270b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET urguc4.msyoxvxe.es/GDSherpa-vf.woff2

104.21.57.248

200 OK

44 kB

URL GET
urguc4.msyoxvxe.es/GDSherpa-vf.woff2
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
Web Open Font Format (Version 2), TrueType, length 43596, version 1.0
Size
44 kB (43596 bytes)
Hash
2a05e9e5572abc320b2b7ea38a70dcc1
d5fa2a856d5632c2469e42436159375117ef3c35
3efcb941aaddaf4aea08dab3fb97d3e904aa1b83264e64b4d5bda53bc7c798ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /GDSherpa-vf.woff2 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: font/woff2
content-length: 43596
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-vf.woff2"
cf-cache-status: HIT
last-modified: Wed, 02 Jul 2025 21:22:01 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vqAZeNVq8g7SmI9Y5DUDodDgI59NlpvtgedeoFWTWLmmNosJB36x1J8kFmH1%2BEzHyGXUtqk1UL8KyhMtdEkzXV1mo2RhMpN4teY%3D"}]}
age: 7133
cache-control: max-age=14400
cf-ray: 9591e0628c79712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1849&min_rtt=0&rtt_var=1746&sent=336&recv=129&lost=4&retrans=4&sent_bytes=364088&recv_bytes=26989&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21063&inflight_dur=312&x=40"

GET urguc4.msyoxvxe.es/wxrte6SYIX6lwwAGz7A1GiErBnsqr6cXb8BPgnBAzb12121

104.21.57.248

200 OK

644 B

URL GET
urguc4.msyoxvxe.es/wxrte6SYIX6lwwAGz7A1GiErBnsqr6cXb8BPgnBAzb12121
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
644 B (644 bytes)
Hash
541b83c2195088043337e4353b6fd60d
f09630596b6713217984785a64f6ea83e91b49c5
2658b8874f0d2a12e8726df78ac8954324c3bbe4695e66bdef89195fde64322f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /wxrte6SYIX6lwwAGz7A1GiErBnsqr6cXb8BPgnBAzb12121 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:56 GMT
content-type: image/webp
content-length: 644
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="wxrte6SYIX6lwwAGz7A1GiErBnsqr6cXb8BPgnBAzb12121"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=51WGgLJTg%2BB096OamT1HJusSGcdTaoGouUzzBWNnJmxfYN7sHAWL6%2FpbcXK7lopHDLIPqdWCGz4OjpommY6UDFc6eWsS4EWdFcc%3D"}]}
cf-ray: 9591e0628c7b712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2473&min_rtt=0&rtt_var=2042&sent=443&recv=147&lost=4&retrans=4&sent_bytes=493513&recv_bytes=34576&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21626&inflight_dur=396&x=40"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9591dfe2998b569f&lang=auto

104.18.95.41

200 OK

141 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9591dfe2998b569f&lang=auto
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
141 kB (140868 bytes)
Hash
69af85dc973410a07c63ed95d69e7a22
33d12207b86c956b296b709680263855a528d59f
154eca8e73bf4c661ef5ab05534686804539e1271da6f9fa035dfbcfe58ef467

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=9591dfe2998b569f&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:35 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 9591dfe36a52569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1531865007:1751494856:Ocmf3KSCWX-uPOqfUYOvlzdsUjTNy5DvOnnOeOilKhE/9591dfe2998b569f/7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS

104.18.95.41

200 OK

302 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1531865007:1751494856:Ocmf3KSCWX-uPOqfUYOvlzdsUjTNy5DvOnnOeOilKhE/9591dfe2998b569f/7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
302 kB (301836 bytes)
Hash
eb4114310ecc15d7d20422a1c898644e
2a2047a55f14a49e5a6d83483d6f4d7f78d868a2
729e3f1fd1ccac205c00b129192ffb8eb39549a5d8945d44eb30ed9cfb66de95

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1531865007:1751494856:Ocmf3KSCWX-uPOqfUYOvlzdsUjTNy5DvOnnOeOilKhE/9591dfe2998b569f/7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
cf-chl: 7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3468
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:35 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: KFIAvK80bvCYHZC4TzMnrYJp5SPv2feduTZm/dukbk6oBqOzeNlk/zqbWR7gxiMuHs3IvQjt5TWDG7ZDEY97gvnhDrja/bRODnVuT7ENBSpNV5ZLoSJ8+dImHbFRRa5gLEQW1mgmDEItmfHlSuSx0R814WlqyHxUDouCOnbZ0ig5vMEGeL6khyymYj7YfuCpZ7hg6+5JhapXXZcQEE1ZA/TTD/wopNsdg/0D5KhUdw9J3VMZsMRW97EUHtWu8nyM8qOJUYsQc7MfLNAtP+NHZp01/btoP5vcwWjwF+xAexAR4qubRI6L1O92kGZOl28MQL1XrXac7VK5LfX+Q4jrcYULEiOLmgu/EGa8J15YFuGrKm6F8PqtcgejRuQ/B4CXtaYiUnKPlwqlJIcMpvtR5VbzORrAYZC0V0he66zfIYyzMlehOh6KxiF/vHRisuVTgWynPl07r/CX3b/9ZbT6EVtDopvtmXEpvyFFjhycT7SQhKKwNx/YFi4ef89WK/XsVreU8EgipO/sxHvM5qsHZmpzChvjuVfaBq2gNxmebXwKpsGYHVoGNxPMGhHYJiKKhNyrWNx5/3esWi0/xeQDDnzxdMpiIxJmeDEqQ445cBTDir40fFxCKo7WFQLj6kOHNUG/pGkJ6ic6UTZkXlSctvw51zuuA9sLkRwZuMpBz7RfrY8NcF3lzL404TqcolioeXt+QHnqCjYlVjc9fICvBj9/47io7LjHfgsOfa/TdJ4Se8HHav7AsPv0O4Uv42Z8/bfJouAzA2ijhIhfJiuk+xe9zl0+cJo9J/hm2vX/r52nARAVn2XTVLllbNkNzUhcIQ9VxQSpgSlw9dVGTqyp5w==$G3jfhINCMHOpStoviDGQiA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9591dfe66d50569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET urguc4.msyoxvxe.es/ijZrAcHMam3eokHd2as5eEboJKjOE1syzpQEb2xJYrR0eoQrACrtr56161

104.21.57.248

200 OK

7.4 kB

URL GET
urguc4.msyoxvxe.es/ijZrAcHMam3eokHd2as5eEboJKjOE1syzpQEb2xJYrR0eoQrACrtr56161
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
SVG Scalable Vector Graphics image
Size
7.4 kB (7390 bytes)
Hash
b59c16ca9bf156438a8a96d45e33db64
4e51b7d3477414b220f688adabd76d3ae6472ee3
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /ijZrAcHMam3eokHd2as5eEboJKjOE1syzpQEb2xJYrR0eoQrACrtr56161 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:56 GMT
content-type: image/svg+xml
cf-ray: 9591e062ac7e712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="ijZrAcHMam3eokHd2as5eEboJKjOE1syzpQEb2xJYrR0eoQrACrtr56161"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7rxJFZElMDPJnneogAtea75YbknuPc1Ndv%2B7vKBHntYQh%2FuhRSkbCMQjosj2t4oi57YC7oEl0BBEHjhdoYvfmIlJcXeyr%2FsHd8c%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2887&min_rtt=0&rtt_var=2069&sent=455&recv=150&lost=4&retrans=4&sent_bytes=503028&recv_bytes=34715&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=22568&inflight_dur=430&x=40"

GET ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css

3.167.2.64

200 OK

223 kB

URL GET
ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
IP
3.167.2.64:443
ASN
#0

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT

File type
ASCII text, with very long lines (51734)
Size
223 kB (222931 bytes)
Hash
0329c939fca7c78756b94fbcd95e322b
7b5499b46660a0348cc2b22cae927dcc3fda8b20
0e47f4d2af98bfe77921113c8aaf0c53614f88ff14ff819be6612538611ed3d1

HTTP Headers

GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Tue, 14 May 2024 21:48:24 GMT
x-amz-meta-sha1sum: 7b5499b46660a0348cc2b22cae927dcc3fda8b20
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 16 Jun 2025 04:25:19 GMT
expires: Tue, 16 Jun 2026 04:25:19 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag: W/"0329c939fca7c78756b94fbcd95e322b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 36817f2624d87ea26a28cf9e3afd2402.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: zn1w7DzCZZPn_Vvr4hJR2F-DWI3nqn-n_xA-EY2m66X9hhyib0UmbQ==
age: 1450536
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE
ValidityThu, 12 Jun 2025 00:00:00 GMT - Fri, 26 Jun 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 02 Jul 2025 23:20:52 GMT
age: 3227452
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 819383
x-timer: S1751498453.945072,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

GET ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7

3.167.2.64

200 OK

11 kB

URL GET
ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7
IP
3.167.2.64:443
ASN
#0

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT

File type
PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced
Size
11 kB (10796 bytes)
Hash
12bdacc832185d0367ecc23fd24c86ce
4422f316eb4d8c8d160312bb695fd1d944cbff12
877ae491d9aac5c6ef82a8430f9f652ace8a0dbc7294bd112aad49bd593769d0

HTTP Headers

GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 10796
date: Sun, 29 Jun 2025 16:32:58 GMT
accept-ranges: bytes
server: nginx
last-modified: Tue, 23 Feb 2021 04:20:08 GMT
etag: "12bdacc832185d0367ecc23fd24c86ce"
expires: Mon, 29 Jun 2026 16:32:58 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-security-policy: default-src 'none'; img-src 'self'; require-trusted-types-for 'script'; report-uri  https://oktacsp.report-uri.com/r/t/csp/enforce
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 36817f2624d87ea26a28cf9e3afd2402.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: w1Hulq9ysGQHroGdGrWGUHFYujQD1-g0tqzBGq6c5jR_yLOdPPamWw==
age: 283677
X-Firefox-Spdy: h2

GET urguc4.msyoxvxe.es/ghjOiDrdG3K2xY9IFtzP1RGJM97cr2klnwLVjLF4AusoIZ67dYef204

104.21.57.248

200 OK

25 kB

URL GET
urguc4.msyoxvxe.es/ghjOiDrdG3K2xY9IFtzP1RGJM97cr2klnwLVjLF4AusoIZ67dYef204
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
25 kB (25216 bytes)
Hash
f9a795e2270664a7a169c73b6d84a575
0fbb60ab27ab88c064eb347d0722c8ed4cf5e8b8
d00203b2eea6e418c31baafa949ada5349a9f9b7e99fa003aec7406822693740

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /ghjOiDrdG3K2xY9IFtzP1RGJM97cr2klnwLVjLF4AusoIZ67dYef204 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: image/webp
content-length: 25216
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="ghjOiDrdG3K2xY9IFtzP1RGJM97cr2klnwLVjLF4AusoIZ67dYef204"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VHbmm74KeHZR53UZOyzmK14eg2YVE6KrYZSr0gFw%2F4P8OxZYbE9MXtfDxfHXwt0c43qrJWeOMxCi0PDsa6LQKWuf6KFRFzWayUc%3D"}]}
cf-ray: 9591e062dc81712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2652&min_rtt=0&rtt_var=2022&sent=475&recv=155&lost=4&retrans=4&sent_bytes=523310&recv_bytes=39776&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=23107&inflight_dur=445&x=40"

GET urguc4.msyoxvxe.es/stu65mCA9NLRUnEqSWKqQw1kM945mTf68VdYvIpOvEDWcGCRb54g98J3GGrL3ef260

104.21.57.248

200 OK

18 kB

URL GET
urguc4.msyoxvxe.es/stu65mCA9NLRUnEqSWKqQw1kM945mTf68VdYvIpOvEDWcGCRb54g98J3GGrL3ef260
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
18 kB (17842 bytes)
Hash
4b52ecdc33382c9dca874f551990e704
8f3bf8e41cd4cdddb17836b261e73f827b84341b
cce050cc3b150c0b370751021bb15018ee2b64ac369e230fe3b571a9b00d4342

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /stu65mCA9NLRUnEqSWKqQw1kM945mTf68VdYvIpOvEDWcGCRb54g98J3GGrL3ef260 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: image/webp
content-length: 17842
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="stu65mCA9NLRUnEqSWKqQw1kM945mTf68VdYvIpOvEDWcGCRb54g98J3GGrL3ef260"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=54DtATu35%2FBn3CivWmWEmj3%2BlaUemI9rPiVnG3Rx%2BjOq383p%2FWrI1kj0o3AW7%2FumdKzK1IQNeei4caPF0lvCGP0Ey2DGvKamV7g%3D"}]}
cf-ray: 9591e062dc83712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2652&min_rtt=0&rtt_var=2022&sent=464&recv=155&lost=4&retrans=4&sent_bytes=508891&recv_bytes=39776&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=23106&inflight_dur=434&x=40"

GET github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js

140.82.121.4

302 Found

10 kB

URL GET
github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js
IP
140.82.121.4:443
ASN
#36459 GITHUB

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerSectigo Limited
Subjectgithub.com
FingerprintE4:33:71:DD:D6:91:4A:75:B6:1F:9E:4F:74:6D:9B:F0:DD:26:FC:3A
ValidityWed, 05 Feb 2025 00:00:00 GMT - Thu, 05 Feb 2026 23:59:59 GMT

File type

Size
10 kB (10245 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1
Host: github.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 02 Jul 2025 23:19:32 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250702%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250702T231932Z&X-Amz-Expires=1800&X-Amz-Signature=46d36701e4d0f075e502172ff03e3239be679c3aec0c630795de33ab6a803401&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
x-github-request-id: 148A:2D27EC:22DDD0B:23D7BFA:6865BED7
X-Firefox-Spdy: h2

GET urguc4.msyoxvxe.es/mnWThlpoBQ2wTEgHE3lGTgysOkz5uvLhtolf2KQNaz9IieZBfDDg9w90146

104.21.57.248

200 OK

270 B

URL GET
urguc4.msyoxvxe.es/mnWThlpoBQ2wTEgHE3lGTgysOkz5uvLhtolf2KQNaz9IieZBfDDg9w90146
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
SVG Scalable Vector Graphics image
Size
270 B (270 bytes)
Hash
40eb39126300b56bf66c20ee75b54093
83678d94097257eb474713dec49e8094f49d2e2a
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /mnWThlpoBQ2wTEgHE3lGTgysOkz5uvLhtolf2KQNaz9IieZBfDDg9w90146 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:56 GMT
content-type: image/svg+xml
cf-ray: 9591e0628c7d712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="mnWThlpoBQ2wTEgHE3lGTgysOkz5uvLhtolf2KQNaz9IieZBfDDg9w90146"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FduwcBGeP7tyarDtHZ%2BX9eV9eh%2ByN5YzjoYAeiW1GfEq18uq3YknbTYNpb4hjPyGOz16Kth%2F%2Fib3ONmBUI6HGzoNL6EirEyf%2FBU%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2473&min_rtt=0&rtt_var=2042&sent=444&recv=147&lost=4&retrans=4&sent_bytes=494803&recv_bytes=34576&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21647&inflight_dur=396&x=40"

104.18.95.41

200 OK

30 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1531865007:1751494856:Ocmf3KSCWX-uPOqfUYOvlzdsUjTNy5DvOnnOeOilKhE/9591dfe2998b569f/7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
ASCII text, with very long lines (29696), with no line terminators
Size
30 kB (29696 bytes)
Hash
912072208bd0eb24c4a5e2b3170de873
827a33c2cbf46309a37d308f8ec7aee086d20e4d
5cf33abd91d2cc89292158069246e36962734a57ad2f884f049bbdb62c0f5ba6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1531865007:1751494856:Ocmf3KSCWX-uPOqfUYOvlzdsUjTNy5DvOnnOeOilKhE/9591dfe2998b569f/7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
cf-chl: 7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 35426
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: MBz/509gm3u5rQPAkfSMapeAm7aSueVpVzBU9XC9OW7VR52A0Cbd8AORQIfJoCFh$DKm+XPOK1xErBPkPhhoYUw==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9591e014af23569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==

104.21.57.248

200 OK

90 B

URL User Request POST
urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
HTML document, ASCII text, with no line terminators
Size
90 B (90 bytes)
Hash
7828f7ae07241c0978ce44e5cc4a0a83
a9c93817a15b03507c3c21021fba863d3ac62b7f
a65713ab569fbcda76f7d8cd7827b5cc51b58eb5d1b03b50c91924ba9c785fd9

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

POST /QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1008
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Cookie: XSRF-TOKEN=eyJpdiI6IktEeFUyNlN4M2NudnN5RHFBbzFQWWc9PSIsInZhbHVlIjoiVXVaTEdpNFZKcEUrWUFqYjhNLzJBNDRKandiaGdjeFhWWE5qdy92bG53ZE1DWkIwNllrckJRL0ZjbUxhcE1BcjloTVpxdHdiMkhkNGVnSHJpSGhNV3ZVQ29YUzN6M05PWnhiS25oL21aWHJnV3hQQjZTeVllZVF3amF2QVozYWUiLCJtYWMiOiI4MzM3ZmQwNWU4M2M3NTNjYzAwZTIwZDQ2NzcwYTYwNTNmYTQ2NjIzYjkyYzg0NTJmZGU0YzUxNWIyODlhMzYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVteEFZYVErVVE5WERSVGplNjdSTlE9PSIsInZhbHVlIjoiNmhRK21XOG4yNytmdGl3aWhiNGdUNlhVQUpPdXVPM2lXRlBET2RvczdnTnBJeEhNY2VDMVdMc2VlbG5VRlAzeFQwUGNqQlNtZXlqSDNsUUt3eVFNZkVGc3Z2NlcreXJSbDZ3cDM5T1NRRzByWThMN2xkdUxyRG85VHlLNE9ldUIiLCJtYWMiOiJkODVmMzVkYWVlNTJhMWU3ODEwODI4OGYzOGE1NGRkNzIxMjYxZmNkYWE5NTFkYTNlZWNiNzAwMjgxZDY4N2RlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:49 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e03a2bc3712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ybNs8XD6ZnFPCbdAk3GiR%2FzMZ3%2FFDDzxUFVhvoDK0hZYH%2FW5YDAyFbDP7ULEuDQJ7su6eP23rMELpOzjXqDgj2yIJ0ikFrMCQg0%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IkdmY3ZuajJad3hyNjVPWFhlVnJsY2c9PSIsInZhbHVlIjoiNjg3dmlMRlF3UU8vMVhBL0lVL3hpM2pKT1hhbUZqQThKUzFWdnY1eG5rQzJSYXlMdzFEQlF3c1NGMGlvM090YllnTVZmdG9VcU9VR3NuWVNkMEUzMGVGUHNNWXRETlZFVmdkbS9CSWZuOUlLOVVWeGxIU0lxSVg1Y0FscC92WlIiLCJtYWMiOiI2Mjc5NmRiNmFjOWE3YmU4ODM0MzQ3NDA3ZDQyNmM4ZmEwZTQxNWM4ZjlmNDc1Mjg1NTRlM2RiOTA3MDUyZDYxIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:49 GMT
laravel_session=eyJpdiI6IkNCM25aVzZibVBYUVRkeElySGdMb3c9PSIsInZhbHVlIjoiWGcweDJ0UnVCUWtGbWZzSHNRdmcyeDJFRnlJSVAybzRIRWxTMllCV1RSNUgzOEQ2RnRTWlJPa0NwSXRPQ0ZaSFlPdEJoQzFwaUdsdDZIMUdnSldXei9hZHR5SU42dnJNaWdVSi9iTTcweTkzZnRYd1hoODFKY0JHYytSUU03ZmQiLCJtYWMiOiJmYTIzZTI5NjE5MzU5OGMxMWI2MjM2MjIyNTcxYjQ4NWE5ZjMzMjUwMWU1N2FjY2YwODA1ODg4MjNlODlmNzQwIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:49 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11732&min_rtt=2002&rtt_var=9893&sent=44&recv=60&lost=0&retrans=0&sent_bytes=7352&recv_bytes=6503&delivery_rate=157319&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18709&unsent_bytes=0&cid=401366e0b4621c11&ts=15188&inflight_dur=71&x=40"

GET urguc4.msyoxvxe.es/favicon.ico

104.21.57.248

404 Not Found

0 B

URL GET
urguc4.msyoxvxe.es/favicon.ico
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Cookie: XSRF-TOKEN=eyJpdiI6InRkY1NITzVHZ2tzMzJDSU9DcFpBWHc9PSIsInZhbHVlIjoiMkZ1Z25pWWlvcVNQR21taytIUlovQkJQME9md2N5c0QwVkoySkhSMGoyc3FPZkdyenpWTzZHcW9Bcmg4RkF3TFJzQ1RZRHZGSExtY2E2L1dGMVY0ZHRaakZyTVBoTG9lZklJSzZ2TjBmbjJXLzBWMWd0K0poUlEzSUNMWDFFVk8iLCJtYWMiOiI4MTEwNGNjZDc5NTg2OWYwZDM1NzU4ODhmN2I1YzUyM2Q2ZTQzNThhNGZiNTAxYWQ2YTc2NTMyYTUyNjcwOTcyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ijk2V1hWU2FQMGhsZ1RCMU1pbGNidmc9PSIsInZhbHVlIjoiK1FJbDJKNnVBeEJqbE5CZ1BqbkRVRWFSMForaHQ1b1ZRYU1jZEpFaStvZUJ0ZmdFbUY0a3BIY2JReThybGVMaUFKK09kaTlMdlRwSExuSTBSbW53MHFNbHFZRm9lMXBEMERsUjdDdzNiTVZKcG9jM2ZuUThMU2xIMndhcm1OeTIiLCJtYWMiOiIwMmQ0NjU1ZDA4MTZkMDlhMjA3NzE5MzNlZWMyMjQxMGNkMmIyZmIwNmNhMDU5OGFjZWFkZDg0OGJmOWFlYmJjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 02 Jul 2025 23:20:53 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e0546c3d712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qXtyAO6w6duQmjtdycbIrPtWkcXss6sjXDKiu2iWrDlwP8j32pStkrjx9SWrA4BKr9sm%2B2vLIuWVeuGsw8ZIHHtu71ybxez5GOY%3D"}]}
cf-cache-status: HIT
vary: accept-encoding
age: 41
cache-control: max-age=14400
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3661&min_rtt=0&rtt_var=4106&sent=76&recv=79&lost=0&retrans=0&sent_bytes=37239&recv_bytes=13238&delivery_rate=5407723&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=28822&unsent_bytes=0&cid=401366e0b4621c11&ts=18808&inflight_dur=150&x=40"

GET code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE
ValidityThu, 12 Jun 2025 00:00:00 GMT - Fri, 26 Jun 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 02 Jul 2025 23:20:55 GMT
age: 3227455
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 819385
x-timer: S1751498455.311847,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

GET urguc4.msyoxvxe.es/opik7durA5y1Z7MCdja6hhN4T8tef4gtPgqCAlW8g1E6eRy67140

104.21.57.248

200 OK

892 B

URL GET
urguc4.msyoxvxe.es/opik7durA5y1Z7MCdja6hhN4T8tef4gtPgqCAlW8g1E6eRy67140
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
892 B (892 bytes)
Hash
41d62ca205d54a78e4298367482b4e2b
839aae21ed8ecfc238fdc68b93ccb27431cd5393
20a4a780db0bcc047015a0d8037eb4eb58b3e5cb338673799c030a3e1b626b40

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /opik7durA5y1Z7MCdja6hhN4T8tef4gtPgqCAlW8g1E6eRy67140 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:56 GMT
content-type: image/webp
content-length: 892
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="opik7durA5y1Z7MCdja6hhN4T8tef4gtPgqCAlW8g1E6eRy67140"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BIK3JNmDOjRLUjIy7k9bMEDkSlVoXCATrHsYT0NV8PJqdFFmDKSnsx%2BTSXYC4JN73vfyCG8S1NTCETmHD%2B07p19vc%2FJKEOu0"}]}
cf-ray: 9591e0628c7c712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2695&min_rtt=0&rtt_var=2246&sent=453&recv=149&lost=4&retrans=4&sent_bytes=501460&recv_bytes=34669&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21803&inflight_dur=425&x=40"

GET aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg

13.107.246.67

200 OK

1.9 kB

URL GET
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
IP
13.107.246.67:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msauth.net
Fingerprint38:05:DB:30:B5:83:1A:A0:A9:AD:24:B2:62:0F:E7:F6:60:9B:7C:00
ValidityTue, 29 Oct 2024 00:00:00 GMT - Wed, 29 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1864 bytes)
Hash
bc3d32a696895f78c19df6c717586a5d
9191cb156a30a3ed79c44c0a16c95159e8ff689d
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: image/svg+xml
content-length: 673
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 24 May 2023 10:11:46 GMT
etag: 0x8DB5C3F47E260FD
x-ms-request-id: 8f437342-e01e-0036-594f-e73999000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20250702T232057Z-17dfff746846msrfhC1SVGs8nn00000006900000000019qx
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

48 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
48 kB (48316 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:20:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 9591e041a9f90b61-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 556888
expires: Mon, 22 Jun 2026 23:20:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8g%2Fay17QQab3Zvolb%2F%2FbTmNi4GO8sj1Nm2SPOmh8VwqyGuOpLvzdTZKVn%2BYAX6B%2BN8L3UpWt1nUOVJCeyNWDrfDQX9n523mgJZBuXOobmCGaEXs1sQuOi%2BM3KWKqU5vakmQkMrZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

48 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
48 kB (48316 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 9591e05dd995569b-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 556892
expires: Mon, 22 Jun 2026 23:20:54 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vi1bZvdwLCEar%2BmOpC8caQeyGFk2uTf3u3HQLSkf5SvgkVOz3JwoBFqFcwG5SModq5N0uBQHS3jvvkn2P8gF8ImPdnDCIyRVLRnkTzG1EN0j1AKY0LOMWeCk2k%2B79qkg56zluKya"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET urguc4.msyoxvxe.es/qrcZWnFkxgwAC5nrv3I658wj2N5D12VLSsauX3i2kX6ohA5dRnfaToVQZH6ef236

104.21.57.248

200 OK

9.6 kB

URL GET
urguc4.msyoxvxe.es/qrcZWnFkxgwAC5nrv3I658wj2N5D12VLSsauX3i2kX6ohA5dRnfaToVQZH6ef236
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.6 kB (9648 bytes)
Hash
4946eb373b18d178c93d473489673bb6
16477acb73b63ca251d37401249e7e4515febd24
666bc574c9f3fb28a8ac626fa8105c187c2a313736494a06bd5a937473673c92

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /qrcZWnFkxgwAC5nrv3I658wj2N5D12VLSsauX3i2kX6ohA5dRnfaToVQZH6ef236 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:58 GMT
content-type: image/webp
content-length: 9648
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="qrcZWnFkxgwAC5nrv3I658wj2N5D12VLSsauX3i2kX6ohA5dRnfaToVQZH6ef236"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=k0SUk8SIdGuc8DKoIzIpF0YQ%2BMT893mQaMVvJjSEJ82VjBsZb7uBP0sSNHltECFjog5T5d40PbfullGnPREUvItDCkx7KZAoA30%3D"}]}
cf-ray: 9591e062dc82712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1941&min_rtt=0&rtt_var=1196&sent=506&recv=162&lost=4&retrans=4&sent_bytes=557682&recv_bytes=40101&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=24313&inflight_dur=464&x=40"

GET ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2

3.167.2.64

200 OK

20 kB

URL GET
ok4static.oktacdn.com/assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
IP
3.167.2.64:443
ASN
#0

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20416, version 2.197
Size
20 kB (20416 bytes)
Hash
d99a7377dabb55772ca9f986b0a04b57
2b5fcd8431953c44e410d0489899e74f6d2cfecc
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149

HTTP Headers

GET /assets/loginpage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2 HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Referer: https://ok4static.oktacdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/font-woff2
content-length: 20416
date: Mon, 23 Jun 2025 13:02:15 GMT
server: nginx
last-modified: Tue, 07 Nov 2023 18:56:28 GMT
etag: "d99a7377dabb55772ca9f986b0a04b57"
x-amz-meta-sha1sum: 2b5fcd8431953c44e410d0489899e74f6d2cfecc
expires: Tue, 23 Jun 2026 13:02:15 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 36817f2624d87ea26a28cf9e3afd2402.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: Q0i0mZPkdit3ymXN3Lim-i3qidNYqQnVM0Fg5R7VOXUkE5HdnqKc0w==
age: 814722
X-Firefox-Spdy: h2

POST urguc4.msyoxvxe.es/xy26kr8bdJ4LmVVdyRyUs8DfuHwqWl8kTUVbkk4X9yCofq

104.21.57.248

200 OK

396 B

URL POST
urguc4.msyoxvxe.es/xy26kr8bdJ4LmVVdyRyUs8DfuHwqWl8kTUVbkk4X9yCofq
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
JSON text data
Size
396 B (396 bytes)
Hash
a58786e71b6624f12678a868f0264a38
e54cfc88ce9913a679e509b2b7cc02301b42ee77
60cf15acf1adb8e7aa2074bac11e00fbb1d67c9aae67bedd7c968fec19b155aa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

POST /xy26kr8bdJ4LmVVdyRyUs8DfuHwqWl8kTUVbkk4X9yCofq HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 31
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Cookie: XSRF-TOKEN=eyJpdiI6InRkY1NITzVHZ2tzMzJDSU9DcFpBWHc9PSIsInZhbHVlIjoiMkZ1Z25pWWlvcVNQR21taytIUlovQkJQME9md2N5c0QwVkoySkhSMGoyc3FPZkdyenpWTzZHcW9Bcmg4RkF3TFJzQ1RZRHZGSExtY2E2L1dGMVY0ZHRaakZyTVBoTG9lZklJSzZ2TjBmbjJXLzBWMWd0K0poUlEzSUNMWDFFVk8iLCJtYWMiOiI4MTEwNGNjZDc5NTg2OWYwZDM1NzU4ODhmN2I1YzUyM2Q2ZTQzNThhNGZiNTAxYWQ2YTc2NTMyYTUyNjcwOTcyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ijk2V1hWU2FQMGhsZ1RCMU1pbGNidmc9PSIsInZhbHVlIjoiK1FJbDJKNnVBeEJqbE5CZ1BqbkRVRWFSMForaHQ1b1ZRYU1jZEpFaStvZUJ0ZmdFbUY0a3BIY2JReThybGVMaUFKK09kaTlMdlRwSExuSTBSbW53MHFNbHFZRm9lMXBEMERsUjdDdzNiTVZKcG9jM2ZuUThMU2xIMndhcm1OeTIiLCJtYWMiOiIwMmQ0NjU1ZDA4MTZkMDlhMjA3NzE5MzNlZWMyMjQxMGNkMmIyZmIwNmNhMDU5OGFjZWFkZDg0OGJmOWFlYmJjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:53 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e0538c37712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4HxV60YuM4%2FtEHAZVLksCCnPWnXVKeL6XKxJ2w9Kg3UN1ywu15oH7fvq%2B0bkdzHI3%2B0nvje7cwsyTrpn7%2BJ3jUeBLQ9zsLvVQmU%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IklhakJxbGUrd1JDQ1ZXU2RZeHR0Z1E9PSIsInZhbHVlIjoiV2FsV0VZaXRITk1PQ1RSSWhKejhkUjZESXBLRVJjN0o4NisyeC9ScSsrT2FyRjFXcnhuQ2FuVDdSV1doelBlYXFiK1AzK3FIVWR6SWdWdWNIN1Z2b09BZlZ5RURXWklLTXZGbU5qRFlXZlJKUXBXTDNKMWN0cER0WWNNZ0dsYlgiLCJtYWMiOiJiYjY4OTY3YTY1NjI3NmRiOGZhYTcyOWRlYjRlN2M3YzA0YjU3MWI3ZmRhZmFlNzk5NTU1YjQ0YzRhY2NkNjgxIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:53 GMT
laravel_session=eyJpdiI6IlpiQk9LcktJRUcvTWIvRVlMdGpNZkE9PSIsInZhbHVlIjoibjlXUEdFT2NrR254enpjbW9ka29ieG16bG95VlhybHJKdU91UVR5bkwySW1sZHZ1TWtVMEFCN1hqTG41ODBPbEVBTlNLTWErSkpmSGUvOEVtVkZhbncrcVp1RXpNcUlHbTVoaldxbVYrYkZ5NUppY3lPbWRhUXlkUmdzMUlEbjMiLCJtYWMiOiJmOTVmZjU5Zjk2ZGIxY2YwYTBmZmUxNjlmNmNkN2VkMDM1OWVjOTk5NWViYmQzNzg5MDJlYTEzMjZiZjJlMTBhIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:53 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3521&min_rtt=0&rtt_var=3359&sent=77&recv=80&lost=0&retrans=0&sent_bytes=37846&recv_bytes=13283&delivery_rate=5407723&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=28822&unsent_bytes=0&cid=401366e0b4621c11&ts=19098&inflight_dur=173&x=40"

GET urguc4.msyoxvxe.es/opj7CqUYjw1BDRH4kAFx8PuawnxLsnPmsJghbBLjpBZlt40mqRGv7jZA6uFBcd191

104.21.57.248

200 OK

268 B

URL GET
urguc4.msyoxvxe.es/opj7CqUYjw1BDRH4kAFx8PuawnxLsnPmsJghbBLjpBZlt40mqRGv7jZA6uFBcd191
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
SVG Scalable Vector Graphics image
Size
268 B (268 bytes)
Hash
59759b80e24a89c8cd029b14700e646d
651b1921c99e143d3c242de3faacfb9ad51dbb53
b02b5df3ecd59d6cd90c60878683477532cbfc24660028657f290bdc7bc774b5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /opj7CqUYjw1BDRH4kAFx8PuawnxLsnPmsJghbBLjpBZlt40mqRGv7jZA6uFBcd191 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: image/svg+xml
cf-ray: 9591e062ac80712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="opj7CqUYjw1BDRH4kAFx8PuawnxLsnPmsJghbBLjpBZlt40mqRGv7jZA6uFBcd191"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jWTw5rwmRZb01fgdNbpGwPSF1CBtjb96qc7zWCkVMzhvH1r8XMuBN8yIwvNwo3FgtiCH2FvS9OUzFlmc5VHFv6xWoN2oEh50jjE%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2652&min_rtt=0&rtt_var=2022&sent=463&recv=155&lost=4&retrans=4&sent_bytes=508040&recv_bytes=39776&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=23096&inflight_dur=432&x=40"

GET get.geojs.io/v1/ip/geo.json

104.26.1.100

200 OK

335 B

URL GET
get.geojs.io/v1/ip/geo.json
IP
104.26.1.100:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectgeojs.io
FingerprintA3:C6:58:F9:E8:49:67:61:59:AC:B4:7D:C8:2F:CB:C3:EC:B2:82:9B
ValidityThu, 26 Jun 2025 06:15:54 GMT - Wed, 24 Sep 2025 07:15:44 GMT

File type
JSON text data
Size
335 B (335 bytes)
Hash
3d97dcaa4218acfe417b53e4b0c3bb65
55c94912bce8abc9dbdb153f537871b6674976a9
3273f73ed53e4f130fb419990b134c2dcb8e0720dea93bc34f3da97cf64a7925

HTTP Headers

GET /v1/ip/geo.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: application/json
server: cloudflare
x-request-id: f3653246a0a53394497949b6a357dd92-ASH
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
geojs-backend: ash-01
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SrzXO%2FydPoWfO0Te%2BCm58UDjap9ShiiMAr6%2BJwgBRwVA%2FQARIwzKXOxDp0ESihNtzFxicpTZrtCN6L4AUWKDXYM0mqzPJtI%3D"}]}
content-encoding: br
cf-ray: 9591e06caa66569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/9591dfe2998b569f/1751498435605/db30b85fd974bc68c5c079895c677e9ac7c6cec1c8bc2ddec102fbfbb0e099cd/N1S75A8d5FBLG67

104.18.95.41

401 Unauthorized

1 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/9591dfe2998b569f/1751498435605/db30b85fd974bc68c5c079895c677e9ac7c6cec1c8bc2ddec102fbfbb0e099cd/N1S75A8d5FBLG67
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/9591dfe2998b569f/1751498435605/db30b85fd974bc68c5c079895c677e9ac7c6cec1c8bc2ddec102fbfbb0e099cd/N1S75A8d5FBLG67 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Wed, 02 Jul 2025 23:20:41 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g2zC4X9l0vGjFwHmJXGd-msfGzsHIvC3ewQL7-7Dgmc0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tINswuF_ZdLxoxcB5iVxnfprHxs7ByLwt3sEC-_uw4JnNABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tINswuF_ZdLxoxcB5iVxnfprHxs7ByLwt3sEC-_uw4JnNABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArFBSpY0YPcNslVpklXsEb2gfZsCpmIVdQhoS4K7cHrhquWhyk4MLkyi7_s6aWrx_Xf7HlTYTdYhnNJYeSmBvNR-rT9Jr-vgHew2EKxCRkzFMKPiBFgHMw6CQNwFmH4vtDoB7QjzQGuScPRdzh7kPu8509ew2xkFnr9tjB-6n7HM01yE-AK-YLGAsO2pnr7E7uB1wVPOxxon_JAZ3bYOfTUgjOOdXlFNC8lcuocjbz6S74A95qx_Ud-iEvXXfOoBv5KLuG4xndLeZHQmGd8Zt7VxbSldzBAmsB7NLLExZxPD-x71RLAY9HVS2lcMOPbQ3diWMBwpfS95tytYOn-a5rwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 9591e008fc54569f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==

104.21.57.248

200 OK

7.0 kB

URL User Request GET
urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
HTML document, ASCII text, with very long lines (2253), with CRLF line terminators
Size
7.0 kB (7025 bytes)
Hash
c7e9513322629a13070d14461cc7feb0
a1e081f3a44da94be6a3e5ac5d5f414b0f83f65e
8f4012bb1a65d23c95aa65b1c4a317de88c3dcbb6f3f148336bf289f5688882b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Cookie: XSRF-TOKEN=eyJpdiI6IkdmY3ZuajJad3hyNjVPWFhlVnJsY2c9PSIsInZhbHVlIjoiNjg3dmlMRlF3UU8vMVhBL0lVL3hpM2pKT1hhbUZqQThKUzFWdnY1eG5rQzJSYXlMdzFEQlF3c1NGMGlvM090YllnTVZmdG9VcU9VR3NuWVNkMEUzMGVGUHNNWXRETlZFVmdkbS9CSWZuOUlLOVVWeGxIU0lxSVg1Y0FscC92WlIiLCJtYWMiOiI2Mjc5NmRiNmFjOWE3YmU4ODM0MzQ3NDA3ZDQyNmM4ZmEwZTQxNWM4ZjlmNDc1Mjg1NTRlM2RiOTA3MDUyZDYxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkNCM25aVzZibVBYUVRkeElySGdMb3c9PSIsInZhbHVlIjoiWGcweDJ0UnVCUWtGbWZzSHNRdmcyeDJFRnlJSVAybzRIRWxTMllCV1RSNUgzOEQ2RnRTWlJPa0NwSXRPQ0ZaSFlPdEJoQzFwaUdsdDZIMUdnSldXei9hZHR5SU42dnJNaWdVSi9iTTcweTkzZnRYd1hoODFKY0JHYytSUU03ZmQiLCJtYWMiOiJmYTIzZTI5NjE5MzU5OGMxMWI2MjM2MjIyNTcxYjQ4NWE5ZjMzMjUwMWU1N2FjY2YwODA1ODg4MjNlODlmNzQwIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:50 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e03e3bd8712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TAxPo1BvmQ9uYGzELCk5o7fw4%2FiE3hL%2Banfs4N%2Ft%2FtL%2BWzz74El8DKOv717yqEQuQ%2BZ2Xai8y50k8L34GF0OCDdSQ6wmjomqyTI%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6ImhDSVg1WjR0dnRKVlpJYzV1dzZmMGc9PSIsInZhbHVlIjoiMVpFN0VtemZYV1NWZjUwWVhXcHExTFRiTnVNdTF1UGlpdE5kaVhQYURvSTJMZW44VkxzRUR0bDA4NmI0d3pTSGlTRHdXazJ6RktpY0hXNnBndEVMMlVZVkZpODJReVMzTzRhaE5ZdlVYamp2S3RoRHAwaDFGWHkzR2NoWTFFVlAiLCJtYWMiOiI4MTBkZjJjMTNkYjQzMDcyNTZhZjNmNjNjMTVjMzhhZTU0N2VmYzNiYTcxYjAxZjRlMWY0N2NhZmQxZjg2MWY4IiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:49 GMT
laravel_session=eyJpdiI6InJoMGRTa0Y1N2RCTjZGTFQxanNwenc9PSIsInZhbHVlIjoiZ1ptR0p6S3J0Ykt3NC84am5pRFdaZ21xVEpUdGl6dnp1TEFwdzM3Y2tRNEVCeHgwM1ZreXpueXlxTzhpQmtyN25sMzBEc2J1VEdpdFpvajBDMU0vSC9MQnVmc3F1d1plS3hNMnMySUlYU1RGTmFMZmUwbERQbnh1citCNGJXT3UiLCJtYWMiOiJkYWU1MTZmN2M2MmM0N2U2YmJhZjA0ODIxZDU5YzNjMmU4YjdkOWRlOTg1ZDE0MWU0NjdhNmYzOWFhMzdmMWUwIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:49 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12891&min_rtt=2002&rtt_var=9739&sent=46&recv=62&lost=0&retrans=0&sent_bytes=8775&recv_bytes=7540&delivery_rate=157319&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20106&unsent_bytes=0&cid=401366e0b4621c11&ts=15735&inflight_dur=92&x=40"

GET urguc4.msyoxvxe.es/favicon.ico

104.21.57.248

404 Not Found

0 B

URL GET
urguc4.msyoxvxe.es/favicon.ico
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Cookie: XSRF-TOKEN=eyJpdiI6ImhDSVg1WjR0dnRKVlpJYzV1dzZmMGc9PSIsInZhbHVlIjoiMVpFN0VtemZYV1NWZjUwWVhXcHExTFRiTnVNdTF1UGlpdE5kaVhQYURvSTJMZW44VkxzRUR0bDA4NmI0d3pTSGlTRHdXazJ6RktpY0hXNnBndEVMMlVZVkZpODJReVMzTzRhaE5ZdlVYamp2S3RoRHAwaDFGWHkzR2NoWTFFVlAiLCJtYWMiOiI4MTBkZjJjMTNkYjQzMDcyNTZhZjNmNjNjMTVjMzhhZTU0N2VmYzNiYTcxYjAxZjRlMWY0N2NhZmQxZjg2MWY4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJoMGRTa0Y1N2RCTjZGTFQxanNwenc9PSIsInZhbHVlIjoiZ1ptR0p6S3J0Ykt3NC84am5pRFdaZ21xVEpUdGl6dnp1TEFwdzM3Y2tRNEVCeHgwM1ZreXpueXlxTzhpQmtyN25sMzBEc2J1VEdpdFpvajBDMU0vSC9MQnVmc3F1d1plS3hNMnMySUlYU1RGTmFMZmUwbERQbnh1citCNGJXT3UiLCJtYWMiOiJkYWU1MTZmN2M2MmM0N2U2YmJhZjA0ODIxZDU5YzNjMmU4YjdkOWRlOTg1ZDE0MWU0NjdhNmYzOWFhMzdmMWUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 02 Jul 2025 23:20:50 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e043fbf5712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qXtyAO6w6duQmjtdycbIrPtWkcXss6sjXDKiu2iWrDlwP8j32pStkrjx9SWrA4BKr9sm%2B2vLIuWVeuGsw8ZIHHtu71ybxez5GOY%3D"}]}
cf-cache-status: HIT
vary: accept-encoding
age: 39
cache-control: max-age=14400
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9951&min_rtt=0&rtt_var=10600&sent=51&recv=65&lost=0&retrans=0&sent_bytes=14223&recv_bytes=8534&delivery_rate=724739&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=25528&unsent_bytes=0&cid=401366e0b4621c11&ts=16173&inflight_dur=95&x=40"

GET cdn.jsdelivr.net/npm/lz-string@1.4.4/libs/lz-string.min.js

151.101.129.229

200 OK

4.7 kB

URL GET
cdn.jsdelivr.net/npm/lz-string@1.4.4/libs/lz-string.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4
ValidityMon, 02 Jun 2025 15:43:52 GMT - Sat, 04 Jul 2026 15:43:51 GMT

File type
JavaScript source, ASCII text, with very long lines (4718)
Size
4.7 kB (4719 bytes)
Hash
109c13d75d0b6fc6440d3e98f803d396
b69e7073bc2c1bc9a57aada4c73799d182ef8368
9d1a0ef07a2ea5faa8cd4afb60a0518075e6771e341e5ff4e0e481cefedeecbf

HTTP Headers

GET /npm/lz-string@1.4.4/libs/lz-string.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.4.4
x-jsd-version-type: version
etag: W/"126f-tp5wc7wsG8mleq2kxzeZ0YLvg2g"
content-encoding: br
accept-ranges: bytes
date: Wed, 02 Jul 2025 23:20:52 GMT
age: 1906739
x-served-by: cache-fra-etou8220041-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1425
X-Firefox-Spdy: h2

GET urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==

104.21.57.248

200 OK

1.1 kB

URL User Request GET
urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
HTML document, ASCII text, with very long lines (471)
Size
1.1 kB (1064 bytes)
Hash
8e6ec24b7a94760c875f829d465f8f74
55729ec7d403ab4cab436222c7f8c0cf58383e1c
d29276aff13cfc8a5244ab16bd7e5f5e6f30eb81c19835b04e58ee70de35a9a3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:20:34 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nB6tP4wzo0CkALRTzFZ%2BcpFB6e4XWOvkyRFHewRidlOXBuLHmovR3iQOIzlB3X31Q9%2Fq6WicF6X0y9rdd5y3%2F8K6%2BGowj4Xrtlo%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: XSRF-TOKEN=eyJpdiI6IktEeFUyNlN4M2NudnN5RHFBbzFQWWc9PSIsInZhbHVlIjoiVXVaTEdpNFZKcEUrWUFqYjhNLzJBNDRKandiaGdjeFhWWE5qdy92bG53ZE1DWkIwNllrckJRL0ZjbUxhcE1BcjloTVpxdHdiMkhkNGVnSHJpSGhNV3ZVQ29YUzN6M05PWnhiS25oL21aWHJnV3hQQjZTeVllZVF3amF2QVozYWUiLCJtYWMiOiI4MzM3ZmQwNWU4M2M3NTNjYzAwZTIwZDQ2NzcwYTYwNTNmYTQ2NjIzYjkyYzg0NTJmZGU0YzUxNWIyODlhMzYwIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:34 GMT
laravel_session=eyJpdiI6ImVteEFZYVErVVE5WERSVGplNjdSTlE9PSIsInZhbHVlIjoiNmhRK21XOG4yNytmdGl3aWhiNGdUNlhVQUpPdXVPM2lXRlBET2RvczdnTnBJeEhNY2VDMVdMc2VlbG5VRlAzeFQwUGNqQlNtZXlqSDNsUUt3eVFNZkVGc3Z2NlcreXJSbDZ3cDM5T1NRRzByWThMN2xkdUxyRG85VHlLNE9ldUIiLCJtYWMiOiJkODVmMzVkYWVlNTJhMWU3ODEwODI4OGYzOGE1NGRkNzIxMjYxZmNkYWE5NTFkYTNlZWNiNzAwMjgxZDY4N2RlIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:34 GMT
cf-ray: 9591dfdb081ab512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET urguc4.msyoxvxe.es/GDSherpa-bold.woff2

104.21.57.248

200 OK

28 kB

URL GET
urguc4.msyoxvxe.es/GDSherpa-bold.woff2
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28000, version 1.66
Size
28 kB (28000 bytes)
Hash
a4bca6c95fed0d0c5cc46cf07710dcec
73b56e33b82b42921db8702a33efd0f2b2ec9794
5a51d246af54d903f67f07f2bd820ce77736f8d08c5f1602db07469d96dbf77f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /GDSherpa-bold.woff2 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: font/woff2
content-length: 28000
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-bold.woff2"
cf-cache-status: HIT
last-modified: Wed, 02 Jul 2025 21:22:02 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=B3P8mlUJjelgPat3w9as77p1sOVSzin2myY20ta4qpG2cR5E7LYuNQ%2Bj5V4cWHfX9s4UJO0mEnCO7Qqv1RQiZkaYrnre%2BF%2FPA68%3D"}]}
age: 7133
cache-control: max-age=14400
cf-ray: 9591e0621c73712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1505&min_rtt=0&rtt_var=1164&sent=211&recv=111&lost=4&retrans=4&sent_bytes=209225&recv_bytes=18508&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19814&unsent_bytes=0&cid=401366e0b4621c11&ts=21001&inflight_dur=268&x=40"

104.18.95.41

200 OK

4.9 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1531865007:1751494856:Ocmf3KSCWX-uPOqfUYOvlzdsUjTNy5DvOnnOeOilKhE/9591dfe2998b569f/7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
ASCII text, with very long lines (4944), with no line terminators
Size
4.9 kB (4944 bytes)
Hash
8cdb85344ae4fdf32f3bec917f17a142
8ca8aab847b51baaccbab771a764f595d0de8af3
b621efe1ee350311360a5dad98a5712c13c6c5c2218a8bc35fd7be2b9f7777d6

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1531865007:1751494856:Ocmf3KSCWX-uPOqfUYOvlzdsUjTNy5DvOnnOeOilKhE/9591dfe2998b569f/7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
cf-chl: 7ilaPyE2WM4Nc8XNqM5RmwxK5z068lSVzsGOGaZp8kc-1751498434-1.2.1.1-ENDnCp23QhrDI1uqUE2PP67KyTWbIbA0PZEsCvmt8Do9PoUKVUNqWKepWdL3MJSS
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 45079
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:48 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: Alcg5a+62XCEJh4u9tRv7z9suHQ2e2A6AS4J5peKHkFpIS4SR4oehwLPF3E+/FL95yTlQaP8xJ4zQXNMFRmHjg==$qhWgkhw05d1toygNo1gDJw==
cf-chl-out-s: 0SsnT67WH8nJxhAtD3E9droeR5nRKk1NNXezxEdbl18OEaGw5Bh/URPIcvkB+BDfAJ5Grnhb3AcEM3VkIKwcj1tlFtPKvgorLGhp9P/cDbopNxtB2StxJcaRyiR0k1cUSEo7ozd5sKh5D3JxWVkzLSR3UdVASNU6FcQAr5Vuh0Knl0tc8w4NPRYLdaFM5u00MiZ1OTwYdMAO3o4MBEtWWrCg7xaucL/NcbZMGDFw299kTGkxAcnAyuaHvW2UJkKbDOKZrXsl6pqD8HVpr76106R8LP+UTwCU+1iu5qyaZYpmsfVDR2D4nNrCWlYLjSXc0Rm9DrQSUfT+FVWcF8tedG4Ds94S1X4ecBTps/vWRdoQor4cMIb2JRHSF0BaZ6T91MNYmpFtFAn7kRbsLMbYM2hMNd7oBJgKR8x7OfY0Kdyk93mOaBSb2KJdQGxxrFWNHfOZuPDno+TuYOUkUTESy7ikBBLOaRNB6UekLOZRE/lrzSC3XcbPNXh/IodDsC0NMsg6lSr4re6hZaAeQRc/Z+BsiGT8y8sTCqM0107MRgKu8ckTWHKVZpvfpnvcN6Sp3qpP7Pf9Wvf41CAoX801NyD8iPEXpzBURFlEFSYwdGwFamvBgmFT6dqMmo6Olfg7DcsvIvoiUZ1kQtNt1XakeWMWvuahwl1SnEB0ZU6y5CPofpDs9yltu3G3OKSMxM49rBUnADL36FDUY5CUBo6GNEi9xn9zN5JbHN5H8tE6iFNunkjKUCgam/q0weZLMpe73d24d573feOACuIXsd5GqEoIQkDPmHhoqwNGTdIMJmd1++x8EU2hoTDz4GAPsXnop6yOz6kzpwf4ZJSQL6egqhbv61g5AXrdup85JYLoWwaft4TZUf1bCDpwKQZkF99zmOtED9Ui5cDw0nUP9yYpwyGpa+xGEvGxaDwA6U+qOQkek77hNJf2kwhiU04Oo7QClmFXZllss75xlRZZ1bAGHvr4ap7e4jfV+B1PZmQNhxlS7FJQAYbBptobllICIFqh1UReelaMSlMgkpwYWuy/AqT+vIbEpEkpaZ18ozb3qO0e2BL7L4f2BhaBgt8yxqDl113XwobqNsOOi1VU7qk1HQZZ/r/cYriKYt52tY0iWLXwTjpGuJZJzIba3wG9acUC12OZn5RysBAIoQjqhE6tX6fMfx8sHgPKVox6IT/q61CvuoLCoWcJ3XMW/5Iwx8HTvZE9m3tGKdQfygZut+RupxVLuKWtoJeLbIDgcKTy+I1akfcQRgJW6KzduKImEyz1mpjUQBmTYV68/DixteRp+xqZ8fIA0W9ThPXKOwJ0gKoCBjOmZXtXzcri80PBY7OFpbN3IE9X4tEMQhsZAlJGrGp3tG7i6nHERAj9pXt7qjqw5rs8rpMCjhvo6t0TEdEl$8iEVEm2CVHge59SPxHxBdw==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9591e0397829569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE
ValidityThu, 12 Jun 2025 00:00:00 GMT - Fri, 26 Jun 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 02 Jul 2025 23:20:50 GMT
age: 3227450
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 819382
x-timer: S1751498450.342680,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

POST c0uotj6ityvtop79ov0nlxajnrfxse5g1ylv7f1uo6ynefwzrvqw.wxthhsjidr.es/qmkklytltrrugguhoczytpuygVaABADQNMBIWUFDQKTPGJEBNHOYZMWAKrs5cp5u71USW51342Ghuv32

188.114.97.1

200 OK

536 B

URL POST
c0uotj6ityvtop79ov0nlxajnrfxse5g1ylv7f1uo6ynefwzrvqw.wxthhsjidr.es/qmkklytltrrugguhoczytpuygVaABADQNMBIWUFDQKTPGJEBNHOYZMWAKrs5cp5u71USW51342Ghuv32
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectwxthhsjidr.es
Fingerprint70:B5:F2:10:27:A3:88:E0:17:D6:90:42:7C:92:5F:03:8D:EC:68:E3
ValidityThu, 12 Jun 2025 15:13:22 GMT - Wed, 10 Sep 2025 16:12:10 GMT

File type
ASCII text, with very long lines (536), with no line terminators
Size
536 B (536 bytes)
Hash
b700a2408fff4601b18b91dd7b1adf0f
294a42cbff29c06fe6bff0cc3d5d6b93f7fda3dc
23731d6f86bfade6b1fd1acf5985785e9e1cb0f155f662cf89464d7a6f2c04b6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /qmkklytltrrugguhoczytpuygVaABADQNMBIWUFDQKTPGJEBNHOYZMWAKrs5cp5u71USW51342Ghuv32 HTTP/1.1
Host: c0uotj6ityvtop79ov0nlxajnrfxse5g1ylv7f1uo6ynefwzrvqw.wxthhsjidr.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 103
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:21:02 GMT
content-type: text/plain; charset=utf-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Origin
access-control-allow-origin: https://urguc4.msyoxvxe.es
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=81LNqXWhA7dkmsxsDmG9LeSlz%2FGE3iCB8l2QJSvM4BNFtnUC137UmkUMvizZHwsqT2aczo01qS5m%2BwEnrXiR2pNUah46j2V1d%2FWQboxcF3iAxkKJFNHn4FAT%2FPN9ENBVH%2F0kJFmO%2FAEIHzeSa%2FmAu18hTegMwvuCDX0FlRZylo4%3D"}]}
content-encoding: br
cf-ray: 9591e0871fcfb4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css

3.167.2.64

200 OK

10 kB

URL GET
ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css
IP
3.167.2.64:443
ASN
#0

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerDigiCert Inc
Subject*.oktacdn.com
Fingerprint3E:D7:C7:A6:35:70:74:E4:BF:45:2E:A1:D5:A3:25:88:24:76:B3:B5
ValidityMon, 02 Dec 2024 00:00:00 GMT - Fri, 02 Jan 2026 23:59:59 GMT

File type
ASCII text, with very long lines (10450)
Size
10 kB (10498 bytes)
Hash
e0d37a504604ef874bad26435d62011f
4301f0d2b729ae22adece657d79eccaa25f429b1
c39ff65e2a102e644eb0bf2e31d2bad3d18f7afb25b3b9ba7a4d46263a711179

HTTP Headers

GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1
Host: ok4static.oktacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Thu, 14 Mar 2024 00:03:58 GMT
x-amz-meta-sha1sum: 4301f0d2b729ae22adece657d79eccaa25f429b1
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 16 Jun 2025 04:25:19 GMT
expires: Tue, 16 Jun 2026 04:25:19 GMT
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag: W/"e0d37a504604ef874bad26435d62011f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 36817f2624d87ea26a28cf9e3afd2402.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: zwrpck-E2oGObhWU52Htg1-cgWEClDpZKUROVLjJoJ8sScfUbBsWtw==
age: 1450536
X-Firefox-Spdy: h2

GET objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250702%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250702T231932Z&X-Amz-Expires=1800&X-Amz-Signature=46d36701e4d0f075e502172ff03e3239be679c3aec0c630795de33ab6a803401&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream

185.199.108.133

200 OK

10 kB

URL GET
objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250702%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250702T231932Z&X-Amz-Expires=1800&X-Amz-Signature=46d36701e4d0f075e502172ff03e3239be679c3aec0c630795de33ab6a803401&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
IP
185.199.108.133:443
ASN
#54113 FASTLY

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerSectigo Limited
Subject*.github.io
Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91
ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10017)
Size
10 kB (10245 bytes)
Hash
6c20a2be8ba900bc0a7118893a2b1072
ff7766fde1f33882c6e1c481ceed6f6588ea764c
b1c42acd0288c435e95e00332476781532ed002cac6f3dcee9110ced30b31500

HTTP Headers

GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20250702%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250702T231932Z&X-Amz-Expires=1800&X-Amz-Signature=46d36701e4d0f075e502172ff03e3239be679c3aec0c630795de33ab6a803401&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1
Host: objects.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
last-modified: Tue, 07 Dec 2021 16:38:45 GMT
etag: "0x8D9B9A009499A1E"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d91f6eaf-e01e-0032-2f18-13e122000000
x-ms-version: 2023-11-03
x-ms-creation-time: Tue, 17 Aug 2021 14:57:31 GMT
x-ms-blob-content-md5: bCCivoupALwKcRiJOisQcg==
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=randexp.min.js
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
age: 5204
date: Wed, 02 Jul 2025 23:20:56 GMT
x-served-by: cache-iad-kiad7000045-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 23045, 0
x-timer: S1751498456.253948,VS0,VE1
content-length: 10245
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

48 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
48 kB (48316 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 9591e06bdce2569b-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 556894
expires: Mon, 22 Jun 2026 23:20:56 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZ2gSa8CVJLjGAFz%2B%2FCYcjYvsULeqJtcuLQudeXB6%2BOsM3MQCSMPnlK0v3zZ3PHSECXfs1iij287bsoxN7CmxRhKWo7KhrcQrWwnBPVKRYuA5ZJC4dp4JoG2c7CdrxS%2FzsshY8Rm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/

104.18.95.41

200 OK

27 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
HTML document, ASCII text, with very long lines (26554), with no line terminators
Size
27 kB (26554 bytes)
Hash
1ee66e8da7d2d62cea89168bf853e679
62ca9c4989fb43c0eb03d46bc88764f83476fa6e
81d777ac40878137b38b07679f3dcd34335095d29c6643a06d7281b1c3beb055

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:34 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-P7GcL9IMCAgYIE8g' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 9591dfe2998b569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

104.18.95.41

200 OK

86 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
Size
86 B (86 bytes)
Hash
70c202196187ab3c11b4e094c20c6de1
9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863
6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:35 GMT
content-type: image/png
content-length: 86
priority: u=4,i=?0
server: cloudflare
cf-ray: 9591dfe34a32569f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST urguc4.msyoxvxe.es/dctrU4TDuv3RovRLaSDYzbxCRX3PZ1DLDkDod

104.21.57.248

200 OK

20 B

URL POST
urguc4.msyoxvxe.es/dctrU4TDuv3RovRLaSDYzbxCRX3PZ1DLDkDod
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
JSON text data
Size
20 B (20 bytes)
Hash
5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

POST /dctrU4TDuv3RovRLaSDYzbxCRX3PZ1DLDkDod HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Content-Type: multipart/form-data; boundary=---------------------------355413480710942098772170324076
Content-Length: 328
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImhDSVg1WjR0dnRKVlpJYzV1dzZmMGc9PSIsInZhbHVlIjoiMVpFN0VtemZYV1NWZjUwWVhXcHExTFRiTnVNdTF1UGlpdE5kaVhQYURvSTJMZW44VkxzRUR0bDA4NmI0d3pTSGlTRHdXazJ6RktpY0hXNnBndEVMMlVZVkZpODJReVMzTzRhaE5ZdlVYamp2S3RoRHAwaDFGWHkzR2NoWTFFVlAiLCJtYWMiOiI4MTBkZjJjMTNkYjQzMDcyNTZhZjNmNjNjMTVjMzhhZTU0N2VmYzNiYTcxYjAxZjRlMWY0N2NhZmQxZjg2MWY4IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJoMGRTa0Y1N2RCTjZGTFQxanNwenc9PSIsInZhbHVlIjoiZ1ptR0p6S3J0Ykt3NC84am5pRFdaZ21xVEpUdGl6dnp1TEFwdzM3Y2tRNEVCeHgwM1ZreXpueXlxTzhpQmtyN25sMzBEc2J1VEdpdFpvajBDMU0vSC9MQnVmc3F1d1plS3hNMnMySUlYU1RGTmFMZmUwbERQbnh1citCNGJXT3UiLCJtYWMiOiJkYWU1MTZmN2M2MmM0N2U2YmJhZjA0ODIxZDU5YzNjMmU4YjdkOWRlOTg1ZDE0MWU0NjdhNmYzOWFhMzdmMWUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:52 GMT
content-type: application/json
cf-ray: 9591e04aac1b712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UErHF0%2FFfuTTCnurf8JVAIIZroeomI4fYvHcIJNQh5GyOcHwIrf4Y1TxxU6icIRIdWu%2BkVmfYEUQ0K%2FlJUh1aoKFlLrur%2BWE7dg%3D"}]}
set-cookie: XSRF-TOKEN=eyJpdiI6Ilc5UzBOcVcvcUo2c2t3c0NkOW4zN3c9PSIsInZhbHVlIjoia0FOcmk2V3pRT3p4b2FOQXBqZWk3emowYzk3bFd2WXl3OXJLeFI1VDlkc2FYd3hQYmpCZkRlOVMzSlVUZXpWRzV3WkdXV01EUWpzeWhUM2V5S3IrTzJtSjEvY1NycXRYRS9icEpYME1lNk9iQXV3Vi9oL1R0cXExcnNHMDVyY3oiLCJtYWMiOiI0OTY2Mjk2MTdjYWIwY2I4MDFkZGEwMjAwN2U0ZmFmMWRlMTZhODQwZDc1YzcyZTkyNGZmNzRiYWFlNDUyZDliIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:51 GMT
laravel_session=eyJpdiI6InVjOEVFVkxGUi83VnNPMlE2ZU5MSVE9PSIsInZhbHVlIjoiK2h3ZjYzNDE4Q1RweElwQTl0RzI2dmszdzluNUc2ZjRMS0FocExmeW5jaUphUlkySHhXSXZyMVFMWFZlWWVCYlhjSnY4bnl3bnp3aHduLyttSmFPUUFrWUxDdVNuSCs0ZjRDVnRuVFEyMnZSUGRseXpON284bG00SU84b3NRVlUiLCJtYWMiOiIyOTRjOTFlYTNhYTJlMDU2NjY2ZmVjNjEwMDYzOGU5YWM0Yzc0MGZjNWRkMGQ1MmE4ODJiNjEzNjgxYzdhY2NhIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:51 GMT
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8800&min_rtt=0&rtt_var=10251&sent=54&recv=67&lost=0&retrans=0&sent_bytes=14882&recv_bytes=9908&delivery_rate=724739&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=26161&unsent_bytes=0&cid=401366e0b4621c11&ts=17653&inflight_dur=97&x=40"

GET urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==

104.21.57.248

200 OK

26 kB

URL User Request GET
urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
JavaScript source, ASCII text, with very long lines (24833), with CRLF line terminators
Size
26 kB (25720 bytes)
Hash
af91475be1395e57c68230c6edfccb3e
d3cea2303aecfea26419dccd0a79172e6792a204
958c8ddec460cd39df1af6282b5c06a7c94a56b152ffb47498827acd4d012c25

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA== HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5UzBOcVcvcUo2c2t3c0NkOW4zN3c9PSIsInZhbHVlIjoia0FOcmk2V3pRT3p4b2FOQXBqZWk3emowYzk3bFd2WXl3OXJLeFI1VDlkc2FYd3hQYmpCZkRlOVMzSlVUZXpWRzV3WkdXV01EUWpzeWhUM2V5S3IrTzJtSjEvY1NycXRYRS9icEpYME1lNk9iQXV3Vi9oL1R0cXExcnNHMDVyY3oiLCJtYWMiOiI0OTY2Mjk2MTdjYWIwY2I4MDFkZGEwMjAwN2U0ZmFmMWRlMTZhODQwZDc1YzcyZTkyNGZmNzRiYWFlNDUyZDliIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVjOEVFVkxGUi83VnNPMlE2ZU5MSVE9PSIsInZhbHVlIjoiK2h3ZjYzNDE4Q1RweElwQTl0RzI2dmszdzluNUc2ZjRMS0FocExmeW5jaUphUlkySHhXSXZyMVFMWFZlWWVCYlhjSnY4bnl3bnp3aHduLyttSmFPUUFrWUxDdVNuSCs0ZjRDVnRuVFEyMnZSUGRseXpON284bG00SU84b3NRVlUiLCJtYWMiOiIyOTRjOTFlYTNhYTJlMDU2NjY2ZmVjNjEwMDYzOGU5YWM0Yzc0MGZjNWRkMGQ1MmE4ODJiNjEzNjgxYzdhY2NhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:52 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e04d5c23712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MkX6Q7DszhbOVsDMPbv46ek8VEfUQ7B7q4wWp9Y1LQn0fad66jTjOTcJP4%2BQ%2FAV5ftbdEq7sjzwXtyMsRATIz0U8VYnXFsuxUeg%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6InRkY1NITzVHZ2tzMzJDSU9DcFpBWHc9PSIsInZhbHVlIjoiMkZ1Z25pWWlvcVNQR21taytIUlovQkJQME9md2N5c0QwVkoySkhSMGoyc3FPZkdyenpWTzZHcW9Bcmg4RkF3TFJzQ1RZRHZGSExtY2E2L1dGMVY0ZHRaakZyTVBoTG9lZklJSzZ2TjBmbjJXLzBWMWd0K0poUlEzSUNMWDFFVk8iLCJtYWMiOiI4MTEwNGNjZDc5NTg2OWYwZDM1NzU4ODhmN2I1YzUyM2Q2ZTQzNThhNGZiNTAxYWQ2YTc2NTMyYTUyNjcwOTcyIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:52 GMT
laravel_session=eyJpdiI6Ijk2V1hWU2FQMGhsZ1RCMU1pbGNidmc9PSIsInZhbHVlIjoiK1FJbDJKNnVBeEJqbE5CZ1BqbkRVRWFSMForaHQ1b1ZRYU1jZEpFaStvZUJ0ZmdFbUY0a3BIY2JReThybGVMaUFKK09kaTlMdlRwSExuSTBSbW53MHFNbHFZRm9lMXBEMERsUjdDdzNiTVZKcG9jM2ZuUThMU2xIMndhcm1OeTIiLCJtYWMiOiIwMmQ0NjU1ZDA4MTZkMDlhMjA3NzE5MzNlZWMyMjQxMGNkMmIyZmIwNmNhMDU5OGFjZWFkZDg0OGJmOWFlYmJjIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:52 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7789&min_rtt=0&rtt_var=9711&sent=56&recv=69&lost=0&retrans=0&sent_bytes=16241&recv_bytes=10944&delivery_rate=724739&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=27494&unsent_bytes=0&cid=401366e0b4621c11&ts=18163&inflight_dur=118&x=40"

GET challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

104.18.95.41

302 Found

49 kB

URL GET
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type

Size
49 kB (48828 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 02 Jul 2025 23:20:34 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/5f8a20c0c87c/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 9591dfe0a8230b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

48 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
48 kB (48316 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 9591e052d855569b-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 556890
expires: Mon, 22 Jun 2026 23:20:52 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22YMTT7TYqjy%2F2f77PZ3GtYy2o2CUs0VFr0BaEoZzQbjl%2BsQO1zRaj%2BlRA5%2FHKnvmyJN2%2B6wKbo%2BQxMjZ%2BRwH%2BNuK95TPQgHVFwhg30EB4%2B1GYWBUd7vi3xo9ON2EWNIXzBiU43e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en

104.21.57.248

200 OK

219 kB

URL User Request GET
urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
HTML document, ASCII text, with very long lines (7497), with CRLF line terminators
Size
219 kB (218824 bytes)
Hash
702731d514f800236f9b4c11ca9675f0
2899ce6af091d96f0cbaaaac7967b799f3bd0c71
bfb27c57303a5221bf6206618184daf4852063e24a81b5c2a009782afe55f811

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Cookie: XSRF-TOKEN=eyJpdiI6IklhakJxbGUrd1JDQ1ZXU2RZeHR0Z1E9PSIsInZhbHVlIjoiV2FsV0VZaXRITk1PQ1RSSWhKejhkUjZESXBLRVJjN0o4NisyeC9ScSsrT2FyRjFXcnhuQ2FuVDdSV1doelBlYXFiK1AzK3FIVWR6SWdWdWNIN1Z2b09BZlZ5RURXWklLTXZGbU5qRFlXZlJKUXBXTDNKMWN0cER0WWNNZ0dsYlgiLCJtYWMiOiJiYjY4OTY3YTY1NjI3NmRiOGZhYTcyOWRlYjRlN2M3YzA0YjU3MWI3ZmRhZmFlNzk5NTU1YjQ0YzRhY2NkNjgxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlpiQk9LcktJRUcvTWIvRVlMdGpNZkE9PSIsInZhbHVlIjoibjlXUEdFT2NrR254enpjbW9ka29ieG16bG95VlhybHJKdU91UVR5bkwySW1sZHZ1TWtVMEFCN1hqTG41ODBPbEVBTlNLTWErSkpmSGUvOEVtVkZhbncrcVp1RXpNcUlHbTVoaldxbVYrYkZ5NUppY3lPbWRhUXlkUmdzMUlEbjMiLCJtYWMiOiJmOTVmZjU5Zjk2ZGIxY2YwYTBmZmUxNjlmNmNkN2VkMDM1OWVjOTk5NWViYmQzNzg5MDJlYTEzMjZiZjJlMTBhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:54 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e0577c47712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wqYA35jzHngGjDJktD4N3No%2BWYAx%2BkJauiYwfR1ndusat2GPVgqAp9TnvWlR%2FMNUo9GetZqrlnpUuKa5wV2VN5FDNrmLjuWnaKI%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:53 GMT
laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:53 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3205&min_rtt=0&rtt_var=3151&sent=81&recv=82&lost=0&retrans=0&sent_bytes=39588&recv_bytes=14384&delivery_rate=5407723&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=28822&unsent_bytes=0&cid=401366e0b4621c11&ts=19759&inflight_dur=175&x=40"

GET get.geojs.io/v1/ip/geo.json

104.26.1.100

200 OK

335 B

URL GET
get.geojs.io/v1/ip/geo.json
IP
104.26.1.100:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectgeojs.io
FingerprintA3:C6:58:F9:E8:49:67:61:59:AC:B4:7D:C8:2F:CB:C3:EC:B2:82:9B
ValidityThu, 26 Jun 2025 06:15:54 GMT - Wed, 24 Sep 2025 07:15:44 GMT

File type
JSON text data
Size
335 B (335 bytes)
Hash
3d97dcaa4218acfe417b53e4b0c3bb65
55c94912bce8abc9dbdb153f537871b6674976a9
3273f73ed53e4f130fb419990b134c2dcb8e0720dea93bc34f3da97cf64a7925

HTTP Headers

GET /v1/ip/geo.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 02 Jul 2025 23:21:01 GMT
content-type: application/json
server: cloudflare
x-request-id: 97fa608ffdab15679aef50d0a82e10d2-ASH
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
geojs-backend: ash-01
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VonNyWEuUawPOdl%2Bjlmyl339UpMyvjH%2BHnHdy3NakiaQwNSOdEtU7D%2BqiMtX8cCwtojDvAlnQVRKYrPEcxzO%2F6itaGF5sCk%3D"}]}
content-encoding: br
cf-ray: 9591e085ccdc569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET urguc4.msyoxvxe.es/GDSherpa-vf2.woff2

104.21.57.248

200 OK

93 kB

URL GET
urguc4.msyoxvxe.es/GDSherpa-vf2.woff2
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
Web Open Font Format (Version 2), TrueType, length 93276, version 1.0
Size
93 kB (93276 bytes)
Hash
bcd7983ea5aa57c55f6758b4977983cb
ef3a009e205229e07fb0ec8569e669b11c378ef1
6528a0bf9a836a53dfd8536e1786ba6831c9d1faa74967126fddf5b2081b858c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /GDSherpa-vf2.woff2 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: font/woff2
content-length: 93276
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-vf2.woff2"
cf-cache-status: HIT
last-modified: Wed, 02 Jul 2025 21:22:01 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=uV7J3yp3all2l9V1LuteBjEto8AMWKZ0ryrx1fjk4LOoWEB89y%2Fi73tqR5o3Z2R7rs55%2BN68UpzSPitRdxw8BMT3ZWTE%2Bx8QNdw%3D"}]}
age: 7133
cache-control: max-age=14400
cf-ray: 9591e0628c7a712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1849&min_rtt=0&rtt_var=1746&sent=321&recv=129&lost=4&retrans=4&sent_bytes=344137&recv_bytes=26989&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21062&inflight_dur=311&x=40"

GET urguc4.msyoxvxe.es/yzGv7b5RdCJwQDWjhWO2WNLxE46BmnxXN0v29ftDXjLrWz890179

104.21.57.248

200 OK

2.9 kB

URL GET
urguc4.msyoxvxe.es/yzGv7b5RdCJwQDWjhWO2WNLxE46BmnxXN0v29ftDXjLrWz890179
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
SVG Scalable Vector Graphics image
Size
2.9 kB (2905 bytes)
Hash
fe87496cc7a44412f7893a72099c120a
a0c1458c08a815df63d3cb0406d60be6607ca699
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /yzGv7b5RdCJwQDWjhWO2WNLxE46BmnxXN0v29ftDXjLrWz890179 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: image/svg+xml
cf-ray: 9591e062ac7f712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="yzGv7b5RdCJwQDWjhWO2WNLxE46BmnxXN0v29ftDXjLrWz890179"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Z%2BHwVzrS1WMui8tJVZXqBrMrgw1FSxdCW3StxNIHUhQ5ikQYf4AHsGR6hN0Y0gRTa4mI9CiMC7g%2Fm1mCHMrgFEqWGxva1Sby7T4%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2652&min_rtt=0&rtt_var=2022&sent=460&recv=155&lost=4&retrans=4&sent_bytes=506168&recv_bytes=39776&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=23093&inflight_dur=431&x=40"

POST urguc4.msyoxvxe.es/rocbrFaKiqKJ3pUnAhu6UwVe5MAkFq0dcIwy8A00UpIhyS4Ym7

104.21.57.248

200 OK

1 B

URL POST
urguc4.msyoxvxe.es/rocbrFaKiqKJ3pUnAhu6UwVe5MAkFq0dcIwy8A00UpIhyS4Ym7
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

POST /rocbrFaKiqKJ3pUnAhu6UwVe5MAkFq0dcIwy8A00UpIhyS4Ym7 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 2832
Origin: https://urguc4.msyoxvxe.es
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e06e1cf0712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eORmz0Ha%2FO4K3EChI6eLlk2YNAqSAGdqdTh6wakuCnb%2BBswFrNEcY4bmUZnl%2FjlVLG7c1fQhQR9lQFO9BzEdAARGYiRlawa1i2o%3D"}]}
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6ImR4VjdBNHVHV2QyeHZUL3Exa3VzQ1E9PSIsInZhbHVlIjoiZW4xUURHOTYxclkrMFpyR29NWmtVQ1psait4TVZZQzJac0lmaDk3V3JxUE9vZjBYUmhMM3p6LzYxZ3lFckhIc1lteUZERXZpVWxPK3U3QlVmUjR3MDNKWlJsenNIT1V3VGZmdkZGQWJZZDN5NE1MdmdtSUgzNS9MSzBmNGVQMEIiLCJtYWMiOiJmMjMxODc2YTQ4Mjk5NWNkYjQ2MjAyMzYxMjdjYzY4MzMzNGVmY2QwNTE1NmQ2ZDRlMWU2NWRmMmE4NGM1OThhIiwidGFnIjoiIn0%3D; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:57 GMT
laravel_session=eyJpdiI6ImR6YXJSeVBDSUM2UkxBa1R1SXpObmc9PSIsInZhbHVlIjoibmFqZVc1TXdUZ0dvTVdsUVVjZGUxRlVKN08yMnpRcUlZRklJdjViVkdhNGxTNjF3TmhmbU1NVWF5Qm1MNXhrVWMvdjVIYkFITFI3OWF4NGZjMEpmbForbTJNc3Y3K2tkcjlNRWxYMWNYb2RseFNzdUo4ekdFbmY4VisveVlCc1UiLCJtYWMiOiJhNjdiZTIyYWVlNTY2MmEyZDA1OWVhYmIzMjJhZDZiMjhiZmIxYTgzYzI0MjBhNDNjZmMxNzQwZGQxMzg3Yzc0IiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=7200; Expires=Thu, 03 Jul 2025 01:20:57 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2077&min_rtt=0&rtt_var=1230&sent=503&recv=161&lost=4&retrans=4&sent_bytes=556284&recv_bytes=40054&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=23525&inflight_dur=462&x=40"

GET urguc4.msyoxvxe.es/favicon.ico

104.21.57.248

404 Not Found

0 B

URL GET
urguc4.msyoxvxe.es/favicon.ico
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6ImR4VjdBNHVHV2QyeHZUL3Exa3VzQ1E9PSIsInZhbHVlIjoiZW4xUURHOTYxclkrMFpyR29NWmtVQ1psait4TVZZQzJac0lmaDk3V3JxUE9vZjBYUmhMM3p6LzYxZ3lFckhIc1lteUZERXZpVWxPK3U3QlVmUjR3MDNKWlJsenNIT1V3VGZmdkZGQWJZZDN5NE1MdmdtSUgzNS9MSzBmNGVQMEIiLCJtYWMiOiJmMjMxODc2YTQ4Mjk5NWNkYjQ2MjAyMzYxMjdjYzY4MzMzNGVmY2QwNTE1NmQ2ZDRlMWU2NWRmMmE4NGM1OThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImR6YXJSeVBDSUM2UkxBa1R1SXpObmc9PSIsInZhbHVlIjoibmFqZVc1TXdUZ0dvTVdsUVVjZGUxRlVKN08yMnpRcUlZRklJdjViVkdhNGxTNjF3TmhmbU1NVWF5Qm1MNXhrVWMvdjVIYkFITFI3OWF4NGZjMEpmbForbTJNc3Y3K2tkcjlNRWxYMWNYb2RseFNzdUo4ekdFbmY4VisveVlCc1UiLCJtYWMiOiJhNjdiZTIyYWVlNTY2MmEyZDA1OWVhYmIzMjJhZDZiMjhiZmIxYTgzYzI0MjBhNDNjZmMxNzQwZGQxMzg3Yzc0IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 02 Jul 2025 23:20:59 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591e07e6d34712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qXtyAO6w6duQmjtdycbIrPtWkcXss6sjXDKiu2iWrDlwP8j32pStkrjx9SWrA4BKr9sm%2B2vLIuWVeuGsw8ZIHHtu71ybxez5GOY%3D"}]}
cf-cache-status: HIT
vary: accept-encoding
age: 48
cache-control: max-age=14400
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2081&min_rtt=0&rtt_var=1454&sent=516&recv=166&lost=4&retrans=4&sent_bytes=568843&recv_bytes=41216&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=25538&inflight_dur=491&x=40"

GET urguc4.msyoxvxe.es/favicon.ico

104.21.57.248

404 Not Found

0 B

URL GET
urguc4.msyoxvxe.es/favicon.ico
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/QuUCYCCiUGyALqM!t/$cnphamRsZXJAc2x1cnBtYWlsLm5ldA==
Cookie: XSRF-TOKEN=eyJpdiI6IktEeFUyNlN4M2NudnN5RHFBbzFQWWc9PSIsInZhbHVlIjoiVXVaTEdpNFZKcEUrWUFqYjhNLzJBNDRKandiaGdjeFhWWE5qdy92bG53ZE1DWkIwNllrckJRL0ZjbUxhcE1BcjloTVpxdHdiMkhkNGVnSHJpSGhNV3ZVQ29YUzN6M05PWnhiS25oL21aWHJnV3hQQjZTeVllZVF3amF2QVozYWUiLCJtYWMiOiI4MzM3ZmQwNWU4M2M3NTNjYzAwZTIwZDQ2NzcwYTYwNTNmYTQ2NjIzYjkyYzg0NTJmZGU0YzUxNWIyODlhMzYwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVteEFZYVErVVE5WERSVGplNjdSTlE9PSIsInZhbHVlIjoiNmhRK21XOG4yNytmdGl3aWhiNGdUNlhVQUpPdXVPM2lXRlBET2RvczdnTnBJeEhNY2VDMVdMc2VlbG5VRlAzeFQwUGNqQlNtZXlqSDNsUUt3eVFNZkVGc3Z2NlcreXJSbDZ3cDM5T1NRRzByWThMN2xkdUxyRG85VHlLNE9ldUIiLCJtYWMiOiJkODVmMzVkYWVlNTJhMWU3ODEwODI4OGYzOGE1NGRkNzIxMjYxZmNkYWE5NTFkYTNlZWNiNzAwMjgxZDY4N2RlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 02 Jul 2025 23:20:34 GMT
content-type: text/html; charset=UTF-8
cf-ray: 9591dfe1e920712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qXtyAO6w6duQmjtdycbIrPtWkcXss6sjXDKiu2iWrDlwP8j32pStkrjx9SWrA4BKr9sm%2B2vLIuWVeuGsw8ZIHHtu71ybxez5GOY%3D"}]}
cf-cache-status: HIT
vary: accept-encoding
age: 23
cache-control: max-age=14400
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12503&min_rtt=2002&rtt_var=11134&sent=41&recv=57&lost=0&retrans=0&sent_bytes=6657&recv_bytes=4367&delivery_rate=157319&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18066&unsent_bytes=0&cid=401366e0b4621c11&ts=496&inflight_dur=45&x=40"

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

48 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
48 kB (48316 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
cf-ray: 9591e05e3a07569b-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 556892
expires: Mon, 22 Jun 2026 23:20:54 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dz34TNSbFdttBqkQnbY5NSUiGEsU06mL%2F7IShWCyUQMPbJjr1WGzpRDVwsGWs%2BCYc0VVwB%2BON6TBR9EB4vF2EK7UdwugZtqwCik%2FaS2Ow3pTLqpsRFKZ7U3YCphyLdZQ3d3cEGcl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET urguc4.msyoxvxe.es/GDSherpa-bold.woff

104.21.57.248

200 OK

36 kB

URL GET
urguc4.msyoxvxe.es/GDSherpa-bold.woff
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
Web Open Font Format, TrueType, length 35970, version 1.0
Size
36 kB (35970 bytes)
Hash
496b7bbde91c7dc7cf9bbabbb3921da8
2bd3c406a715ab52dad84c803c55bf4a6e66a924
ae40a04f95df12b0c364f26ab691dc0c391d394a28bcdb4aeacfaca325d0a798

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /GDSherpa-bold.woff HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: font/woff
content-length: 35970
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-bold.woff"
cf-cache-status: HIT
last-modified: Wed, 02 Jul 2025 21:22:02 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Z3lruh6dpIrz4GXC5%2FUeADYSNr9uM8hP5dqexF2Z270fdB%2FNZwwifgcIc4JeSLYnfbbjmjlthRB%2BGsNxdyHSwjqUB9fCq4pFPgQ%3D"}]}
age: 7133
cache-control: max-age=14400
cf-ray: 9591e0623c74712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1585&min_rtt=0&rtt_var=780&sent=235&recv=115&lost=4&retrans=4&sent_bytes=238535&recv_bytes=20596&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19814&unsent_bytes=0&cid=401366e0b4621c11&ts=21024&inflight_dur=278&x=40"

GET urguc4.msyoxvxe.es/GDSherpa-regular.woff2

104.21.57.248

200 OK

29 kB

URL GET
urguc4.msyoxvxe.es/GDSherpa-regular.woff2
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28584, version 1.66
Size
29 kB (28584 bytes)
Hash
17081510f3a6f2f619ec8c6f244523c7
87f34b2a1532c50f2a424c345d03fe028db35635
2c7292014e2ef00374aeb63691d9f23159a010455784ee0b274ba7db2bcca956

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /GDSherpa-regular.woff2 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: font/woff2
content-length: 28584
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-regular.woff2"
cf-cache-status: HIT
last-modified: Wed, 02 Jul 2025 21:22:01 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=csZeGvxnmsXYO2rhkO24177%2FhAsOfzdnIpe8rQn4Kwg8LKx7JtTe6pScqpudbmDl8wOnaR%2F5T5w0MSuq56icr7WmPpJXFhA2DPQ%3D"}]}
age: 7133
cache-control: max-age=14400
cf-ray: 9591e0624c75712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1379&min_rtt=0&rtt_var=649&sent=264&recv=119&lost=4&retrans=4&sent_bytes=275969&recv_bytes=21727&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21031&inflight_dur=281&x=40"

GET urguc4.msyoxvxe.es/ijpKfy5alvNxvVwtT5rMycovqjOVSJIJAQiRT9SqrDvyehQ4W9Uk7gp39SYGx4qYRo3GW3Yeab228

104.21.57.248

200 OK

1.3 kB

URL GET
urguc4.msyoxvxe.es/ijpKfy5alvNxvVwtT5rMycovqjOVSJIJAQiRT9SqrDvyehQ4W9Uk7gp39SYGx4qYRo3GW3Yeab228
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.3 kB (1298 bytes)
Hash
32ca2081553e969f9fdd4374134521ad
7b09924c4c3d8b6e41fe38363e342da098be4173
216fc342a469aa6a005b2eacc24622095e5282d3e9f1ae99ce54c27b92ec3587

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /ijpKfy5alvNxvVwtT5rMycovqjOVSJIJAQiRT9SqrDvyehQ4W9Uk7gp39SYGx4qYRo3GW3Yeab228 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:57 GMT
content-type: image/webp
content-length: 1298
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="ijpKfy5alvNxvVwtT5rMycovqjOVSJIJAQiRT9SqrDvyehQ4W9Uk7gp39SYGx4qYRo3GW3Yeab228"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qGVRO8mxm0ywPbuilfv2QjyrkN2H1TfBGi3MlVy%2B0y1y2yGZexmkBkeFgIy7KkXElbPjXDAO%2BPch63qF5UvTE7rdphg4S3Lntvs%3D"}]}
cf-ray: 9591e06ccceb712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2088&min_rtt=0&rtt_var=1696&sent=486&recv=158&lost=4&retrans=4&sent_bytes=536817&recv_bytes=39914&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=23138&inflight_dur=450&x=40"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/9591dfe2998b569f/1751498435603/THIU6bmh6M3JuA7

104.18.95.41

200 OK

260 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/9591dfe2998b569f/1751498435603/THIU6bmh6M3JuA7
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
FingerprintFC:98:AC:45:6F:F6:41:18:0B:96:F4:70:AB:D7:E3:D4:3D:B4:66:71
ValidityFri, 27 Jun 2025 18:18:48 GMT - Thu, 25 Sep 2025 19:18:44 GMT

File type
PNG image data, 95 x 26, 8-bit/color RGBA, non-interlaced
Size
260 B (260 bytes)
Hash
efc41c3671c9c68c53c09986690b576c
b2523a99b8a16a909e8f043b7170f95455843444
181ea36770e3fd21089ea435a45b6954e48ec094ea17d93b087b296fd8a39951

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/d/9591dfe2998b569f/1751498435603/THIU6bmh6M3JuA7 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/veggy/0x4AAAAAABApdrPmtMhtCFHl/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:39 GMT
content-type: image/png
content-length: 260
priority: u=4,i=?0
server: cloudflare
cf-ray: 9591e0002cb4569f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET urguc4.msyoxvxe.es/56Hqmn6lTicdJRXL6720

104.21.57.248

200 OK

28 kB

URL GET
urguc4.msyoxvxe.es/56Hqmn6lTicdJRXL6720
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
ASCII text, with very long lines (28186), with no line terminators
Size
28 kB (28186 bytes)
Hash
a1606fe4c64f4a7649b295a56b8d4b47
ffea9bddd62c0ddfe5f3c314f885da0bc2cf8a1e
8734d2dcfa9c93df3e755660ba1c6bb54ed5fb2a7bfac1b0410d017f11129746

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /56Hqmn6lTicdJRXL6720 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: text/css;charset=UTF-8
cf-ray: 9591e0620c71712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="56Hqmn6lTicdJRXL6720"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lQv6ip8Iz8Nz2KH9CujGqvsaZ0nedcRy3dRhElZUjxAXT%2Fl8bu3PAw%2BBbFPYCYqB7Vnb1mLhFBOyBoKHK5FTFiejdOCU%2B8HqdGQ%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2242&min_rtt=0&rtt_var=2340&sent=435&recv=144&lost=4&retrans=4&sent_bytes=485637&recv_bytes=34436&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21397&inflight_dur=358&x=40"

GET urguc4.msyoxvxe.es/abM9Kaorsbfw1cd30

104.21.57.248

200 OK

36 kB

URL GET
urguc4.msyoxvxe.es/abM9Kaorsbfw1cd30
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
ASCII text, with CRLF line terminators
Size
36 kB (35786 bytes)
Hash
38501e3fbbbd89b56aa5ba35de1a32fe
d9b31981b6f834e8480ba28fbc1cff1be772f589
a1ca6b381cb01968851c98512c6e7f6c5309a49f7a16b864813135cbff82a85b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /abM9Kaorsbfw1cd30 HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: text/css;charset=UTF-8
cf-ray: 9591e0621c72712b-OSL
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="abM9Kaorsbfw1cd30"
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=x3tPvUGMzlHbaLGQttLkpvlxLGM9b%2BvkK%2BWiNEdsYS0tTOPvHfEiyl1wgE5jZ3gzKpQkW9M7P01%2BYLqvaRy6NmqYzat4DEinqT8%3D"}]}
vary: accept-encoding
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2222&min_rtt=0&rtt_var=2053&sent=442&recv=146&lost=4&retrans=4&sent_bytes=492887&recv_bytes=34529&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21580&inflight_dur=383&x=40"

GET urguc4.msyoxvxe.es/GDSherpa-regular.woff

104.21.57.248

200 OK

37 kB

URL GET
urguc4.msyoxvxe.es/GDSherpa-regular.woff
IP
104.21.57.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
Certificate
IssuerGoogle Trust Services
Subjectmsyoxvxe.es
Fingerprint68:E4:97:CA:CE:60:2C:D9:EA:23:38:4E:25:33:39:58:00:7E:AC:67
ValidityMon, 12 May 2025 01:41:38 GMT - Sun, 10 Aug 2025 02:39:18 GMT

File type
Web Open Font Format, TrueType, length 36696, version 1.0
Size
37 kB (36696 bytes)
Hash
a69e9ab8afdd7486ec0749c551051ff2
c34e6aa327b536fb48d1fe03577a47c7ee2231b8
fd78a1913db912221b8ead1e62fad47d1ff0a9fa6cd88d3b128a721ad91d2faf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft
urlquery	phishing	Phishing - Tycoon Phishing Kit

HTTP Headers

GET /GDSherpa-regular.woff HTTP/1.1
Host: urguc4.msyoxvxe.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urguc4.msyoxvxe.es/8h0pnye8dr74dc?common/oauth2/v2.0/authorize?client_id=fd338d68b201f-8ae4ec29-e373394f-9d4bf0c4300-df174261a-abb423fca756-b6a537209561&locales=en
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlhBTWJ2WDJGNFNuTkNYL0FsUUE3Q0E9PSIsInZhbHVlIjoiWFZXTUNIUCtqd3VlTzV1Q3RwTnMxMkgxZHB1NzNzQ0pzek5wd3lubFYzMXV3ejhaZlRUTmpjM0ZQWWpIdmh0TVV6cHYwNUhtMEZUbkNTdldFaFM4OWl6QklLMER5cjBYZ0ZOdCtCeWVMa28yR3ZnQXJjcFcvd3JEaHZvVkF0TmIiLCJtYWMiOiIxNjRlOGI4MDUxNGYwOWIwMGE1MDJlNGJlZjFmZTY2ZTgyZWJkZThmNDI4OWUwY2YxYzQwOGJjYTk1MjE2YmRjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImNTdFg4dUFtSkd2OWtHbGhrSVZ4OHc9PSIsInZhbHVlIjoiYjJmekU4N05jTmlQRUFaWVh3Q3pPT0ZocFRwNW5McXpualdid3U2d2JXVkNkRlUzRzdCSkNpR0tRODlPb0ExaEpLd3RwMVQ4SUxDV1RUSVNTc2NWZHdxeHZRLzI5Y1JraVBSOHVzdnordUhsREZtU3VMSW5VbWRvb1NVVUxZeWYiLCJtYWMiOiJhY2NmZDc2YWZmZmIzYjRiNmE0ZTViZGRmMTY2NWYxMGU5YjRmZmY3NmMxNTI1ZmRlMzY1NmMwOWMzNzZkODQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 02 Jul 2025 23:20:55 GMT
content-type: font/woff
content-length: 36696
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-disposition: inline; filename="GDSherpa-regular.woff"
cf-cache-status: HIT
last-modified: Wed, 02 Jul 2025 21:22:02 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=w%2BegzuCIpwPlBb5W4%2BNnyZCFRhdgCvSkhPUg5iiVkhtzyIG061bVo0qUyLNUSNylO20CI0g1RmVoNLokwvEFtUtcOjDowtUr8mg%3D"}]}
age: 7133
cache-control: max-age=14400
cf-ray: 9591e0625c76712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1347&min_rtt=0&rtt_var=552&sent=279&recv=120&lost=4&retrans=4&sent_bytes=295920&recv_bytes=21772&delivery_rate=14365570&ss_exit_cwnd=28822&ss_exit_reason=2&cwnd=19951&unsent_bytes=0&cid=401366e0b4621c11&ts=21037&inflight_dur=289&x=40"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (170)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML