heliatoras.gr/officeap/faxxx/mqxo/bHdAcGh4Y2FwaXRhbGdyb3VwLmNvbQ==
95.217.126.106 0 B URL heliatoras.gr/officeap/faxxx/mqxo/bHdAcGh4Y2FwaXRhbGdyb3VwLmNvbQ==
IP 95.217.126.106:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /officeap/faxxx/mqxo/bHdAcGh4Y2FwaXRhbGdyb3VwLmNvbQ== HTTP/1.1
Host: heliatoras.gr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 21:56:38 GMT
Server: Apache
refresh: 0;url=https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
188.114.96.1 200 OK 3.3 kB URL User Request GET HTTP/2 8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
IP 188.114.96.1:443
Certificate Issuer Google Trust Services LLC
Subject 5b9152b535ba1f6f4629776b.workers.dev
Fingerprint D9:E8:1E:60:6A:4E:C0:2C:A6:00:B2:32:69:B9:8D:FF:D6:5C:DA:7E
Validity Wed, 29 Nov 2023 14:37:08 GMT - Tue, 27 Feb 2024 14:37:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3271), with no line terminators
Hash a73efca3e48d87594279e7830639e97c
d370754b76386a15abb63ac7560702605dad2514
a1b37825d9c17bed0118594c80b510c4283d436d5f8c2d775773f1a9d4230e9c
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /?qrc=lw@phxcapitalgroup.com HTTP/1.1
Host: 8700fa55.5b9152b535ba1f6f4629776b.workers.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 21:56:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgDlxpEdjpkCgwurqvcQHJv4NyfFrtQJ8797tqzE1sW7Ta%2FU8Lcr4T1f3UejzcpcLRwtRd%2BTkQFDfUHiHl4rlThPBRHf01Pn2GPTUilIZuy59qIidOcgv5dOoYJs%2BJu7sXL793Tv5tKJ7Vtq5EhNJkiENjMRyPGeNEqP9b3ALFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83074cf13eb256c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/83074cf4b923b51b/1701727000156/kIh6gyLF7-SZGNp
104.17.2.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/83074cf4b923b51b/1701727000156/kIh6gyLF7-SZGNp
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 48 x 19, 8-bit/color RGB, non-interlaced\012- data
Hash 50f3c3ee0a85f64cb38462954be929c6
2852a9b1d832f5903f2bfe734a4564e64e1969e9
1243d5c4d2346d516382c8fc33f9fd8ff9e5d30c453c884df2addbba24136d03
GET /cdn-cgi/challenge-platform/h/b/i/83074cf4b923b51b/1701727000156/kIh6gyLF7-SZGNp HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:40 GMT
content-type: image/png
server: cloudflare
cf-ray: 83074cfbbf6cb51b-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/891491746:1701724225:k1cyyuh0QyjWAC24zXGqvbhHW2ldg6d31QcqVNUd2gs/83074cf4b923b51b/b9f89887e1e3176
104.17.2.184 200 OK 18 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/891491746:1701724225:k1cyyuh0QyjWAC24zXGqvbhHW2ldg6d31QcqVNUd2gs/83074cf4b923b51b/b9f89887e1e3176
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (17848), with no line terminators
Hash 3584942def4032df17f92ad7046f06a6
1d859f17e87fb9e25032a9c3fa30dc0e89754f5e
3000a0f22cf8acc937007157bbdd7c20eed457bda7ef329fa843c1a71364ae3c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/891491746:1701724225:k1cyyuh0QyjWAC24zXGqvbhHW2ldg6d31QcqVNUd2gs/83074cf4b923b51b/b9f89887e1e3176 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b9f89887e1e3176
Content-Length: 25705
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:42 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 59yFsQ0LlX9OO2w+jXNdXD/QVNoPHYM7Dg0Rt1kdgFH0nyr9cReLABRtV87Gsexb$1UegQOjfc7uT8VWnzArXYA==
server: cloudflare
cf-ray: 83074d02ce12b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback
104.17.2.184 200 OK 34 kB URL GET HTTP/3 challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback
IP 104.17.2.184:443
Requested by https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (33875)
Hash 8c90f391245a994ae95e644a587c8626
7bfc99336571d0ccfe38f9e1d18cb26b4adfc316
acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7
GET /turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:39 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 83074cf39ff2b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
8700fa55.5b9152b535ba1f6f4629776b.workers.dev/favicon.ico
188.114.96.1 200 OK 3.3 kB URL GET HTTP/3 8700fa55.5b9152b535ba1f6f4629776b.workers.dev/favicon.ico
IP 188.114.96.1:443
Requested by https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
Certificate Issuer Google Trust Services LLC
Subject 5b9152b535ba1f6f4629776b.workers.dev
Fingerprint D9:E8:1E:60:6A:4E:C0:2C:A6:00:B2:32:69:B9:8D:FF:D6:5C:DA:7E
Validity Wed, 29 Nov 2023 14:37:08 GMT - Tue, 27 Feb 2024 14:37:07 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3271), with no line terminators
Hash a73efca3e48d87594279e7830639e97c
d370754b76386a15abb63ac7560702605dad2514
a1b37825d9c17bed0118594c80b510c4283d436d5f8c2d775773f1a9d4230e9c
GET /favicon.ico HTTP/1.1
Host: 8700fa55.5b9152b535ba1f6f4629776b.workers.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:39 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30A8ay4QzGdDSwU%2Fnk%2Fw0A8wv%2BuTJRsXnxkqYGHAUFXTA6eL3Ot1v9LFdYko3c00di7rorjLzIZ8iGdFORZ9R4f2L4KFiFomDbaL7SHA9OuoumB5RgPA7aLbQK9MHGrFnymlpcritDjC3Q3M%2FTUiIel6wB1%2FjGJ5%2BAsebACQ7b4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83074cf48ef0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=83074cf4b923b51b
104.17.2.184 200 OK 169 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=83074cf4b923b51b
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 169 kB (169267 bytes)
Hash bd56636f59b6dcc59a1a56584b5c4b68
77d2bdbf704477c0d75c590b7de60b1c8e973b79
c6bc418547e1540acc6fe888fceeaa43a0fb75b50146ed37ef3a3ef548b40f14
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=83074cf4b923b51b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 83074cf589c7b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/891491746:1701724225:k1cyyuh0QyjWAC24zXGqvbhHW2ldg6d31QcqVNUd2gs/83074cf4b923b51b/b9f89887e1e3176
104.17.2.184 200 OK 113 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/891491746:1701724225:k1cyyuh0QyjWAC24zXGqvbhHW2ldg6d31QcqVNUd2gs/83074cf4b923b51b/b9f89887e1e3176
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 113 kB (112940 bytes)
Hash 0dec012582f5aad69dac9c91d586a27d
a58d097e3df1d3969b2f6182b869cf93099ba67f
f999ecce25336bcd56a3958d30bc6f6d541d062219692ed3d5d188863fafbf04
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/891491746:1701724225:k1cyyuh0QyjWAC24zXGqvbhHW2ldg6d31QcqVNUd2gs/83074cf4b923b51b/b9f89887e1e3176 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b9f89887e1e3176
Content-Length: 2533
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:40 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
cf-ray: 83074cf6eb55b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/83074cf4b923b51b/1701727000162/7a1f4f2bbe34add075a3628835375bb0aca872bc6adf95b7b7cdaabfd3f4082f/Ud_OYdfL_s4L9Pv
104.17.2.184 401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/83074cf4b923b51b/1701727000162/7a1f4f2bbe34add075a3628835375bb0aca872bc6adf95b7b7cdaabfd3f4082f/Ud_OYdfL_s4L9Pv
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/83074cf4b923b51b/1701727000162/7a1f4f2bbe34add075a3628835375bb0aca872bc6adf95b7b7cdaabfd3f4082f/Ud_OYdfL_s4L9Pv HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Mon, 04 Dec 2023 21:56:41 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
cf-ray: 83074cfd38acb51b-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
104.17.2.184 302 Found 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP 104.17.2.184:443
Requested by https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 04 Dec 2023 21:56:39 GMT
location: /turnstile/v0/b/56d3063b/api.js?onload=onloadTurnstileCallback
access-control-allow-origin: *
cache-control: max-age=300, public
vary: accept-encoding
server: cloudflare
cf-ray: 83074cf328a2b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
104.17.2.184 200 OK 73 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
IP 104.17.2.184:443
Requested by https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/?qrc=lw@phxcapitalgroup.com
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40091)
Hash e5b61393cc736ed04ad67a2992fda2c1
4c7c653252af78182e31f27d48c6f0798f7e7732
b924532a14304246043e9ae25f49b2b834d1cdcb5c4013bded188927e85538f9
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8700fa55.5b9152b535ba1f6f4629776b.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:39 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 83074cf4b923b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D
104.17.2.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D
IP 104.17.2.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash 9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/a95rz/0x4AAAAAAAN2eaxTJGN9gGJh/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 21:56:39 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 83074cf589c6b51b-OSL
alt-svc: h3=":443"; ma=86400