Report - redirect.viglink.com/?format=go&jsonp=vglnk_1528334718170259&key=172579b97fa4d5e8c1a3c2918a03e499&libId=ji37348e01012xfz000DA40uyjt16&loc=jamestowndeals.com/rq3dv?q=Blumenau&btnG=Pesquisar&v=1&out=jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ=

Report Overview

Visited public
2025-05-28 17:40:32
Tags
phishing nakedpages
Submit Tags
URL
redirect.viglink.com/?format=go&jsonp=vglnk_1528334718170259&key=172579b97fa4d5e8c1a3c2918a03e499&libId=ji37348e01012xfz000DA40uyjt16&loc=jamestowndeals.com/rq3dv?q=Blumenau&btnG=Pesquisar&v=1&out=jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ=
Finishing URL
otpurn.com/mail/
IP / ASN
34.251.214.4
#16509 AMAZON-02
Title
sr2bdq9gvb
Phishing - NakedPages Phishing Kit

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
login.microsoftonline.com	25	2002-07-09	2017-02-19	2025-05-28	1.0 kB	4.3 kB	20.190.181.6
res-1.cdn.office.net	1093	1994-11-14	2020-12-08	2025-05-22	541 B	38 kB	23.36.76.120
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-05-28	7.3 kB	508 kB	104.18.95.41
otpurn.com	unknown	unknown	No data	No data	2.7 kB	44 kB	196.251.85.17
jannanddl.com	unknown	unknown	No data	No data	506 B	293 B	51.79.72.226
5f3050f6.1a90ef4bd33032bbd4554830.workers.dev	unknown	2019-02-08	2025-05-28	2025-05-28	1.1 kB	15 kB	172.67.154.102
praivosecurity.com	unknown	2025-03-12	2025-05-28	2025-05-28	1.3 kB	861 B	196.251.85.17
res.public.onecdn.static.microsoft	unknown	2023-05-05	2024-03-21	2025-05-22	12 kB	12 MB	23.36.76.179
redirect.viglink.com	37247	2008-12-17	2012-09-09	2025-05-24	787 B	331 B	52.16.229.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-28 17:39:51	low	Client IP	172.67.154.102	ET INFO Observed Cloudflare workers.dev Domain in TLS SNI
2025-05-28 17:40:06	medium	196.251.85.17	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 40
2025-05-28 17:40:08	low	Client IP	192.0.78.27	ETPRO INFO Referer Obfuscation/Hiding Service Domain (href .li in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-05-28	medium	res.public.onecdn.static.microsoft/owamail/20250516009.14/resources/suiteux-shell/js/suiteux.shell.plus.js	Detect files is `SliverFox` malware

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (61)

	URL	From	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 0f8a722a19a7025103426ff67f69f2ce 3a954c27ad0d7347837b5114e4889e867723f409 03a3d8f29cfb930404ffe68059f5b88741810be05f1bf40dee495df7c3e9db81 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net	ScriptElement	293 B	2025-05-05	2025-07-24
Pretty URL otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net IP 196.251.85.17 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-05 19:45 Last Seen2025-07-24 17:56 Times Seen570 Hash 276660cec535bb7beface6db248d2fdb d81d43b88403cdcf657b1ce136b512f651ca8938 c8b623dcc7ec9f656785611271b4fc801e008f590dad963e9937b1ec1e75f4bc Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.487dd620.js	ScriptElement	369 kB	2025-05-22	2025-06-11
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.487dd620.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-22 15:57 Last Seen2025-06-11 12:03 Times Seen80 Hash 7fb53aeaaa359f5305fb8722fa3b8c72 3b15cad3290099999da3e6e005841663dd303cdb a106c906fe36bd13c2bbf8b7bef00ba9c3f39781a174c612cab03cb73a283c86 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 8295be8fd42b7a0430307b1f8236c37d 11deb39441c99c324b6e04c7754caa9e0d363bdf 13f0020451b692689420b4b015306fa1f6a37b9e5aa243e3bd3e13590362dde5 Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36255.m.85592bef.js	ScriptElement	18 kB	2025-05-14	2025-07-01
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36255.m.85592bef.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 17:00 Last Seen2025-07-01 06:38 Times Seen257 Hash 07fbf5b4834cc35cd83b3f8fad1abd58 997308e5c5b2f8ef8bc663e9a70e6dc9479d5f9d 2a04686df1e38c21b160bfc6a40a11db7dd35e3208a69679cfb1dc4813ccb3de Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash c2df4b181d07d919b4a1aa093b457823 6eab4242e2e269f6ff5a1fe654f13d24d253e48a a84ebcf093f5b58f683c7d6f714646514e27c346778870acb6a8e1f2e2c26392 Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js	ScriptElement	301 kB	2025-05-21	2025-07-01
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-21 14:12 Last Seen2025-07-01 06:38 Times Seen256 Hash 594603948c8deae5eb49e47227625875 b8d251ac9faeb52637ee3e47362de05e44cdfc3f 085d1d2151db80b2fee87697b9fac5366d3002a0bc807afd507c683c547f5801 Loading...

	data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo=	ScriptElement	341 B	2023-10-02	2025-07-24
Pretty URL data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo= IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-02 01:17 Last Seen2025-07-24 17:56 Times Seen42342 Hash d6f18bfe02b31db3664d5d27f03ea142 aae6f850e8ea4ff74dcd6213ad6a4565cbd6802e 90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 18:36 Times Seen5 Hash 3b8dcb71a963cea32541f0e727b688c5 b9694f937712488ef70ffb0c081429d72e34f56d e0608e523cdfbca85b01d2c08a938394f7557d80a28a23c88262d29b252fda92 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-07-25 04:05 Times Seen50783 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash be31b802d3402321135e0a001bcc350f b7f2cd5b52d85e1f0e6c63ff129309b7d8e235b3 0c170c690a9b750f2e2d60606c4bb10e64e1aefa764072cbf9bff95d5cd57b4d Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js	ScriptElement	19 kB	2025-05-14	2025-06-11
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-14 17:00 Last Seen2025-06-11 12:03 Times Seen91 Hash 109a568b4158d80c9b82b9c0a785e17b 2d48a8676b1a4b0c2289fc3d3ab4c7b393a54404 3dc80f180de52faec5d92263c8085e9e63fb7fde2bef00ee3990a85ffb2979d7 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=946f88a70d9d56b1&lang=auto	ScriptElement	114 kB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=946f88a70d9d56b1&lang=auto IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 4d9ae33f9b981cadedd8883e538c789e c9dd5f64535181c8f30c53288f16e855dd9c9ec9 1174d7310e1dd68a6134ceb3e993a077ff919f06975e6b18ef0c7deb1c10d663 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash b667c01a3839ed3bd80e4a02f937bee6 cb6240ec75ab367b6766c0c723cb9e84f16da3a6 0d76400910e37873063aa85d5e67ce464719943b92e50397cb4452409989c26c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	ScriptElement	4.6 kB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash a85c4f814cf54d6d805dd5f181b3ccea 7e781021599a63a577bbe0f8f0eca5051ce2b0b0 579d3969dcbe946640154a4aecb791a18ccb7d6395b5bbb3a56d40f334d599fd Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 3932a0191175ed792184cdf1ceec51b3 b3cf577ccaf059b46ee1e7dc0e3228117150e434 bfa1297f6fa349fa0966761d0b52dc5ad7d5d808cc04636ed48aa08001a0a75f Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash f981317d84db10d15d6f6f20869413ac ba38803baab123c0ed8147d4f399220586324889 d082d1a13eb623b7f712e9ca3746f2f32e4ba8a1be61ed88fd723046175204a3 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 2aeb7c1c630406f3ae018864b3927f50 d250cc52dfb3d30dcf5c917370734fa4dd755bf7 d04533a95b44500d4920c510543eb71b130802e7a06458fe7d259388e1549d51 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 7f40b067814652ae4363455149d480dd ed0954eefb1b5ab573162b3032c46fc184563341 9960b197ba78ce73da1e19809355ea1bec3b188a6d969d075443506d6641142c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 7fd33ce42cb2371e06fb3d0e4e02095b 686ef9957d9c9fb26e561108ccd0a7cecb1225ef 3460ea13b81218e44b14e1e24bda5bf66b8aa5a8f1c0adb8515057fe082f67de Loading...

	5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net	ScriptElement	2.6 kB	2025-05-28	2025-05-28
Pretty URL 5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net IP 172.67.154.102 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen2 Hash 7d4b02575fae10caa6e1bd259a26da5b 35854d1fa4b23bc6be7d31c487ac2e5c5113ba87 74ba88b910773cc44dc1493806fcb7ab4ff43efc9e615196c047fe16d3798fe5 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	ScriptElement	48 kB	2025-05-13	2025-06-03
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-13 14:11 Last Seen2025-06-03 19:41 Times Seen7393 Hash 3946a8b345d6020f3f424ae5f37e818f 27267dd319814b647f04bfe0ae09e1ca51ddc896 a7fdcf655a6349724c367f366c852b2e0309e9ad7a25b376df82a48e1dd98482 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 99a38e1106f80216afa5a7e8195b812e 3eb054304834019641a31c45782cdfb28e252ef2 24ac229b6c2a01c66bce337f1b0c89fcbd1725b91a5d039989a23a2cfd109b06 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash c896b94a01e6f04b8fa0920568431a88 c12b84db0ef8b247fc91a5a853c1f6a287ee03a1 61883b73882cb6675aa874175d438942a7c58735531bf3834da6421dbbabbd6b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 4c172520d2055922c91993b1204d2fe1 4c7cc800ab730b55be54362b83c3c7d8355ffe8e f0c46bf259c4523edc961398df28fd22d2f38c9906d0e8ab9ed2e76b6247f034 Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js	ScriptElement	23 kB	2025-05-23	2025-06-11
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-23 21:53 Last Seen2025-06-11 12:03 Times Seen139 Hash b641973a3a369d7ba27ecf23d5f6ddad 170127cd6848adf9d62e5f74c4a71f1019c0651b 48c91ea308b0bd1851ce17bb8f1df433a787c2ccc8a4a5db20d96724cccbc5b9 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 2583faee92409fb59fd89ebcb0c7ecb7 92d20fc2c15c94951bd5dbbc05ed0116d53d5243 0e6a886324c5a7c55de7d126c7e5193b8f58e6e4c8aa457cc0b4bb5c8ec90d8e Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 3203466b5b4071314f4574a3cd5a886d 4d337c1341a594875abd72ba9d572172b5dca955 358509f20fee2fb0546d9a1a1b86b96624954d82165d70b0bac7e1dcbdfc8231 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-07-25 04:05 Times Seen50783 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js	ScriptElement	1.9 MB	2025-05-21	2025-06-11
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-21 14:12 Last Seen2025-06-11 12:03 Times Seen85 Hash 96c0fd2b17d4db73154832168d3f7d48 01df63e4770efca8eae11b2a10ba9c2a61840c96 03767db2b2f9cdcce4152d7782a7f2bebb47a392f6db39c4e8c5e19a0b59ff30 Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js	ScriptElement	2.8 MB	2025-05-21	2025-06-11
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-21 14:12 Last Seen2025-06-11 12:03 Times Seen87 Hash 52d6a027aa667c30e83d1a717607564c 0f824c023ae837c13415db42ef74f0783823f03e 9ddfa12bedf1da4d75b2e08c5c64a5ae0b50e74a37bc7d927a0a7d09854e8a78 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash bb65d9a45ca9441dc434c1bf03fc0cdc ad14e0e7d3a459e59e0e30c10acfa51d410ba731 3e2c5ff3cbbf601c27de2934f9b1ebc5579e61c6d37ce88eb190ccfb11f58b6c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 167af847c35c08a134d1a49aa9ebf7dd 04c338c4fabdf5382e21732dedfd1a47aefb2af8 f7f98ea5f5da68dc2984b19b74fc4dbc3faa54117bd8cfe13d2bb4bdbab370c8 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-07-25
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen430095 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/	Eval	1.3 MB	2025-05-28	2025-05-28
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ IP 104.18.95.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-05-28 17:40 Last Seen2025-05-28 17:40 Times Seen1 Hash 7a4d28aa5792967de3e975eec8308af6 89ddf2218ab50682d1b52a2d3e147f5f3f9d80e0 9e56ab4e95af37a8f05cdc1a83c99feb986447d7cd138e69896b78728fef9dee Loading...

	res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mail.runtime.ca7dc427.js	ScriptElement	228 kB	2025-05-26	2025-05-28
Pretty URL res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mail.runtime.ca7dc427.js IP 23.36.76.179 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-26 10:27 Last Seen2025-05-28 17:52 Times Seen28 Hash 26fe850ae0ccce63b6b7a7a3a21e9625 7ab9f47f5b2910a26bb83e4262d8219a5fd593fe 349d329a531d351332f6d1e6b28753e4cd0523c8d9ac79d82434913953383fa3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-07-25 04:05
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-25 04:05 Times Seen118043 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (49)

URL IP Response Size

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/946f88a70d9d56b1/1748453992155/edf3c279ef9a553a3e8d7ec4b75c69182412510d047ad7521d3f28c2eefb0663/XPcJ7B6487T9gCX

104.18.95.41

401 Unauthorized

1 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/946f88a70d9d56b1/1748453992155/edf3c279ef9a553a3e8d7ec4b75c69182412510d047ad7521d3f28c2eefb0663/XPcJ7B6487T9gCX
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/946f88a70d9d56b1/1748453992155/edf3c279ef9a553a3e8d7ec4b75c69182412510d047ad7521d3f28c2eefb0663/XPcJ7B6487T9gCX HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Wed, 28 May 2025 17:39:54 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g7fPCee-aVTo-jX7Et1xpGCQSUQ0EetdSHT8owu77BmMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIO3zwnnvmlU6Po1-xLdcaRgkElENBHrXUh0_KMLu-wZjABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIO3zwnnvmlU6Po1-xLdcaRgkElENBHrXUh0_KMLu-wZjABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1r6z50Qwapjvi7gKQBPiehOkJb40cvj8RgN_zo7Ag1Zt0ItIZ08z6yBoyxcQd_a3O1eJagQvs0q2WZqQcXhBy3zBsvQBUQF8QxmVXDj3rgtzSqQSahQmiLHDl8Bcv0QZEdy4zOIIyDuI5UyRXhX7XZGrCVD8CZ90xBA5BKM69472-2BHpBla9Lbeh9YUrkZ5O98MUI_u6VEapusnXAf_lwrQA8tyF-9S11SxHG6uu9ywb9GCpVeaxdoonr9TgwPU5JgXSFuW_Ow1I_O2alIJcGt4Lb8SBKG-hKMrnxnwzFPje27Rczkpqu7PtgYXJvH_uDRKG-nqq_rghxAOH_kchwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 946f88b7596356b1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1970388246:1748453621:ABdzdO3DuHZ_-pCFSMGHde5bY6gm8S49a785nUEvDTQ/946f88a70d9d56b1/axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2

104.18.95.41

200 OK

28 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1970388246:1748453621:ABdzdO3DuHZ_-pCFSMGHde5bY6gm8S49a785nUEvDTQ/946f88a70d9d56b1/axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (28120), with no line terminators
Size
28 kB (28120 bytes)
Hash
5e040efe4af46b5166d2b9dcb3ca35c2
af90cc34658b0c26b1cbf05270e73565d88e3c1f
149927209ae67e924b6213e47a55d1da398043f4fce15982475da38ff7521317

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1970388246:1748453621:ABdzdO3DuHZ_-pCFSMGHde5bY6gm8S49a785nUEvDTQ/946f88a70d9d56b1/axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
cf-chl: axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 33480
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:39:56 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: K9ApWuNrJQd518ukVlE1KI4v6HjWRVxD4PWsWIbzdWRMKE+aAz2SDPpzCFzJjzDc$zpYp6zkOePqJbq24WLpitw==
priority: u=3,i=?0
server: cloudflare
cf-ray: 946f88c7cf5556b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET res.public.onecdn.static.microsoft/assets/framework/microsoft.svg

23.36.76.179

200 OK

3.2 kB

URL GET
res.public.onecdn.static.microsoft/assets/framework/microsoft.svg
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
SVG Scalable Vector Graphics image
Size
3.2 kB (3202 bytes)
Hash
7d2b8f25545a2894e2721e9fe528e34c
d0dae76f4bf5c04acd5fcdf1bcb12908099e328c
797bda35d13e5130fe5a14e0069c31b46ec1af6ea47f2d300309803bb4d2608c

HTTP Headers

GET /assets/framework/microsoft.svg HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 1405
last-modified: Wed, 30 Aug 2023 00:34:56 GMT
x-ms-request-id: fd4b084c-801e-002d-1c6d-a24ce4000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611860,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.32670354&TotalRTCDNTime=1&CompressionType=br&FileSize=1405"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.18.95.41

302 Found

48 kB

URL GET
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type

Size
48 kB (48200 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 28 May 2025 17:39:51 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/6fab0cec561d/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 946f88a61e9a5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/

104.18.95.41

200 OK

28 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
HTML document, ASCII text, with very long lines (22245)
Size
28 kB (27994 bytes)
Hash
f55a5caece160c6a01ab0d907d8774b6
3daa2274b07d2156ab410a1743b447673a6e3ebf
49bf8ac02f33873a9fc124807d392a2426933f9c04fa706962043634045e1e5a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:39:51 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-mT5Pib6UT2ymcrcc' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 946f88a70d9d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET otpurn.com/?qrc=dave.burkard%40slurpmail.net

196.251.85.17

302 Moved Temporarily

13 kB

URL User Request GET
otpurn.com/?qrc=dave.burkard%40slurpmail.net
IP
196.251.85.17:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectotpurn.com
FingerprintAA:E0:18:6C:98:5D:05:5F:10:BD:C3:2C:02:3A:64:FB:44:9A:B8:FD
ValidityTue, 27 May 2025 16:04:04 GMT - Mon, 25 Aug 2025 16:04:03 GMT

File type

Size
13 kB (12877 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - NakedPages Phishing Kit

HTTP Headers

GET /?qrc=dave.burkard%40slurpmail.net HTTP/1.1
Host: otpurn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=yMLpZGZjxKjk; qPdM.sig=_4n5O7rm5XfthN-T76v9WJYDhew
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache
Pragma: no-cache
Location: https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Server: Microsoft-IIS/10.0
request-id: e5547031-2ecc-eafe-f6b4-e1c71dbb8a3a
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-FEServer: AM8P251CA0017, AM8P251CA0017
X-RequestId: feb39e79-d7fc-4219-aa8d-88a4495efaef
Alt-Svc: ":443";ma=2592000,h3-29=":443";ma=2592000
X-FEProxyInfo: AM8P251CA0017.EURP251.PROD.OUTLOOK.COM
X-FEEFZInfo: AMS
MS-CV: MXBU5cwu/ur2tOHHHbuKOg.0
X-Powered-By: ASP.NET
Date: Wed, 28 May 2025 17:40:06 GMT
Connection: close
Content-Length: 0
Content-Security-Policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval';  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

GET res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-westeuropean/segoeui-regular.woff2

23.36.76.179

200 OK

36 kB

URL GET
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-westeuropean/segoeui-regular.woff2
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
Web Open Font Format (Version 2), TrueType, length 36344, version 0.0
Size
36 kB (36344 bytes)
Hash
865f1db6545fc94a2f4444dd60e7bbc6
b00d806dd42101881ab94e1c96f8235b74f6ab7f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

HTTP Headers

GET /assets/mail/fonts/v1/fonts/segoeui-westeuropean/segoeui-regular.woff2 HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 36344
content-type: font/woff2
last-modified: Tue, 19 Oct 2021 00:48:13 GMT
x-ms-request-id: e890d9da-901e-001e-151f-5b134f000000
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:12 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12324102,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454012.bc0d06&TotalRTCDNTime=11&CompressionType=&FileSize=36344"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.2deeea90.css

23.36.76.179

200 OK

107 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.2deeea90.css
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
Unicode text, UTF-8 text, with very long lines (65194), with no line terminators
Size
107 kB (106824 bytes)
Hash
04f7ddc7833c0f1b153ff2a5da6e7179
7fd0b1a8026be17a740989b885de9dd57b018899
162d372689492201a71477a0d2e105a8b9fa8047fcb4919461c314729a8ff4fd

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.AppBoot.m.2deeea90.css HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 18864
content-type: text/css
last-modified: Wed, 14 May 2025 13:37:55 GMT
x-ms-request-id: 973d639f-701e-0064-3dee-c40e0f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322407,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc0667&TotalRTCDNTime=11&CompressionType=br&FileSize=18864"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-semilight.woff

23.36.76.179

200 OK

30 kB

URL GET
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-semilight.woff
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
Web Open Font Format, TrueType, length 29464, version 1.0
Size
30 kB (29464 bytes)
Hash
6a419545705dee19082e8e62105488df
72a5d33a47932ed6cf2d196c8d8222204e4a71fd
c63a3930ec9dd26c24b4c62b83d8cf778416a0ded1d9aa83e0840a675155b71b

HTTP Headers

GET /assets/mail/fonts/v1/fonts/segoeui-semilight.woff HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 29464
last-modified: Tue, 19 Oct 2021 00:48:25 GMT
x-ms-request-id: cccd7861-a01e-0015-321f-5be824000000
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322479,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc06af&TotalRTCDNTime=11&CompressionType=&FileSize=29464"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js

23.36.76.179

200 OK

2.8 MB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
2.8 MB (2834334 bytes)
Hash
52d6a027aa667c30e83d1a717607564c
0f824c023ae837c13415db42ef74f0783823f03e
9ddfa12bedf1da4d75b2e08c5c64a5ae0b50e74a37bc7d927a0a7d09854e8a78

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 690429
last-modified: Fri, 16 May 2025 13:44:41 GMT
x-ms-request-id: aa58387f-e01e-0004-32d7-c87290000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322370,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc0642&TotalRTCDNTime=11&CompressionType=br&FileSize=690429"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

104.18.95.41

200 OK

4.8 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1970388246:1748453621:ABdzdO3DuHZ_-pCFSMGHde5bY6gm8S49a785nUEvDTQ/946f88a70d9d56b1/axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (4796), with no line terminators
Size
4.8 kB (4796 bytes)
Hash
c2031a74f13ae2b98805a384781342be
aa0818127ccb93dc219b0642e0bda27cc798fc91
018931a6a49b1b7d6dab7155287e0f3db2948b4f02fca6168837dfaf8f364aa0

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1970388246:1748453621:ABdzdO3DuHZ_-pCFSMGHde5bY6gm8S49a785nUEvDTQ/946f88a70d9d56b1/axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
cf-chl: axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 44387
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:40:06 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: jNJWGpTnQiU0Xy61eNwyVIhiCVLk600t+6Pnh8P5nkaP98N10DUfvgBWJp9Hl99WXb2V4xzXY0HilQwwxP8LmD3VC0aIoCcSkUpBEIT/yyls3BmA6qJEeudQg+ma3FRx+nFsLoSTSBH5W2C5f97VO0rRKBzjFFx8zVQDspdtV8OuY/dfs8JA6POYZIGhKEptsngQd3CFm9P4e5c0nKIfEN8HIivdfmDQDclifdG4eVn9JX4Xye5CRr0KA8qiK8+ghmJRx1KOKBuY4Gjc3ZMYUteO/747HSlhHWnH6eva1CwrjpEbHXtmYdTbpJveH2o4nEFSL7XubehOLoyCZPSFvFXLAHW4MpZjyJGprYZefzEzvI0IdYkNhXjOYRSmyUCggAkRt2gCD+xTkNUbT/sRT/eOBuGMir8bPE3iIjUorAG9zTnjzrebi7C3mjo8X0utTyLozlqjj/HqbHkAYOTYArtvCke1dWmw/swVdIAKCZE+1dbjAphkV0bzAkX+/H1z4bVg7fYOZb+4mVf6hnQka2ot12ywGf+feDZkuGb7pJg7HCgxywdjrnmU8i5nFM3if9/IZgDAmOf6QtGZHlyJjFUXf9Njv/82ULKPPKBbXaVdPIHjygnrlUOGf6FxJ+LdDJpqrCSOlgdkd25YuPcSraYbJXTnCRpPKhI4pZF2IUN0rQMQTj9XB+k8FdXO009vgNP3M/bTdKtE6AP3g44er4mXUptljbdh5TyHl2Jr6+fF76Ql5ReMhtPin/Kw40C2mkcCfggaSnlroZ3Z9ij3WQMlBqANq4cxWfj6rdtUzo2GNh6x7z9ypxtl+koWvNGQE1SlXHP2eCNjPJokoFElgTGILmbN1KAsoiTExQlhnDdsrJvwNAzSc8YVtzloEnwE3KUCdXtOsm/Tmlilbc0+3ClaoJyWVER5sfc3gO5OkZAb0iCOWmkGHe/uO/RXEJ2DwbLo1zBn5SFU2iteWvIGiInNafyDvL6VhSMmJBbdRx9SAYnRHNqsodYTmS2Bp8IdIaeckwCbvMMoDjNSK8KpYopP4Inh+YVA8sZO/4MB9p9wvPRFSM7Ma2UTWQt/wZhZUVFtCOJmgmfdhsnw7kvFd1Ii+w5zJ3DaGEhwnjtCK4pU4Tsryi/7Kjm4be4Z+zYL17zi1Ze9JLNHNfryKYuaYTCAh1MO7qoRrtn6cTP4j6WiyvJR3h95bxuMiQidXCcW7vI9ju8ijOu6E4inuDcCbYxOchn5NF8CvFaHF3e6f8Cw9dsXrxsLJ4PFphPeyPvkGQQlHr6Nx2piVrxz6anjE1aWDpZW6rHlUPX5Vh5sLO/WDnHF4/ToMFumpfMNzY2Cv/3UkaXZmZca1ucMTHH11602S24DCGlsZ8gO2UMoXdM=$KXZdM5PaY/9Yl4AClvYLkg==
cf-chl-out: 4idtt+lXNZOkI8mtfh87UeId9jWjUJTHP5x0GD0UR8zj7EcO48Hh46uuFVPSWe+51jRkGmDg1P23LMO4o5bB+g==$kCxEiBdIJnH9UT/ewrM0xw==
priority: u=3,i=?0
server: cloudflare
cf-ray: 946f8903aa7256b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net

196.251.85.17

200 OK

13 kB

URL User Request GET
otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
IP
196.251.85.17:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectotpurn.com
FingerprintAA:E0:18:6C:98:5D:05:5F:10:BD:C3:2C:02:3A:64:FB:44:9A:B8:FD
ValidityTue, 27 May 2025 16:04:04 GMT - Mon, 25 Aug 2025 16:04:03 GMT

File type
HTML document, ASCII text, with very long lines (11913)
Size
13 kB (12877 bytes)
Hash
f52130248569efe0bfe7ca2b7266c92e
a18ff54b416625239485a98e00fe84af6844e45f
b7cf6ee55558744fc898b0de8dc6d1d6eb9aec20d8c4accd9c3fd85ced01a6a8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - NakedPages Phishing Kit

HTTP Headers

GET /mail/?login_hint=dave.burkard%40slurpmail.net HTTP/1.1
Host: otpurn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
DNT: 1
Connection: keep-alive
Cookie: qPdM=yMLpZGZjxKjk; qPdM.sig=_4n5O7rm5XfthN-T76v9WJYDhew
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
request-id: 4cbe2638-16cb-471e-63e7-f3994852a70f
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-PreferredRoutingKeyDiagnostics: 0
X-CalculatedFETarget: GVYP280CU019.internal.outlook.com
X-BackEndHttpStatus: 200, 200
Set-Cookie: ClientId=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/
ClientId=D23440C2239F4EFBABDEEEC89654B94E; expires=Thu, 28 May 2026 17:40:07 GMT; path=/; secure; samesite=none
X-CalculatedBETarget: GV2PPF0D7E1E584.EURP251.PROD.OUTLOOK.COM
x-web-server-version: 25.5.16.3
X-Clique: CLEURP251GVX00
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; trusted-types owaTrustedTypesPolicy owa#webpack cdn-url#oneshell safe-xml#oneshell workerScriptTrustedTypesPolicy augloopTrustedTypesPolicy 1DSScriptURL dompurify adaptivecards#deprecatedExportedFunctionPolicy adaptivecards#deprecatedExportedFunctionPolicy highcharts owaAdsTrustedTypesPolicy @msteams/embed-client @fluidx/loop workerPolicy MeControlScriptURL adaptivecards#markdownPassthroughPolicy fast-html adaptivecards#restoreContentsPolicy @1js/midgard-trusted-types @1js/lpc-common-web#webpack @centro/hvc-loader html2canvas osfRuntimeScriptPolicy yammer-outlook-trusted-types-policy#webpack @azure/ms-rest-js#xml.browser react-virtualized-auto-sizer lit-html officebrowserfeedback#domUtils troubleshootPolicy consolePolicy ori_importmap TrustedTypePolicyFactory workerScriptPolicy iFrameDocumentTrustedTypesPolicy nativePdfPreviewTrustedTypesPolicy workerLoaderTrustedTypesPolicy @1js/search-converged-hostapp-owa-bundle#webpack suiteuxShellTrustedTypesPolicy @azure/core-xml#xml.browser @1js/midgard-bootstrapper#webpack trustedInnerHTMLPolicy domUtilsTrustedTypePolicy dangerouslySetInnerHTMLPolicy overlayScrollbarsTrustedTypesPolicy @msteams/services-io-browser-web-client-update#register-service-worker @fluidx/loop#loop-page-container @fluidx/loop#odsp-driver @fluidx/loop#office-fluid-container @fluidx/loop#sourceless-iframe webpack-dev-server#overlay placesMapWorkerPolicy @fluidx/loop-app-worker-template ori-worker-policy default owaLoopTrustedTypesPolicy 'allow-duplicates'; report-uri https://csp.microsoft.com/report/OutlookWeb-Mail-PROD;
Content-Security-Policy: default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval';  script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-app-name: Mail
Referrer-Policy: no-referrer
Origin-Trial: AgxVPru/jRUesV9k7Pn5/osZuJ4g/2sL76bPZejtrjsFofGlatTE4sbavhadrkBNum06aL1ghYYaKcX04fiRdAIAAABveyJvcmlnaW4iOiJodHRwczovL29mZmljZS5jb206NDQzIiwiZmVhdHVyZSI6IkxvbmdBbmltYXRpb25GcmFtZVRpbWluZyIsImV4cGlyeSI6MTcxNjk0MDc5OSwiaXNTdWJkb21haW4iOnRydWV9
Link: <https://res.public.onecdn.static.microsoft/>; rel="preconnect"
X-Client-Version: 20250516009.14
x-besku: UNKNOWN
X-RUM-Validated: 1
X-RUM-NotUpdateQueriedPath: 1
X-RUM-NotUpdateQueriedDbCopy: 1
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 200
X-BEPartition: Clique/CLEURP251GVX00
X-FEEFZInfo: AMS
MS-CV: OCa+TMsWHkdj5/OZSFKnDw.1.1
X-FEServer: GV3PEPF00007A80, AS4P251CA0019
Alt-Svc: ":443";ma=2592000,h3-29=":443";ma=2592000
X-FirstHopCafeEFZ: AMS
X-FEProxyInfo: AS4P251CA0019.EURP251.PROD.OUTLOOK.COM
X-Powered-By: ASP.NET
Date: Wed, 28 May 2025 17:40:06 GMT
Connection: close

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mail.runtime.ca7dc427.js

23.36.76.179

200 OK

228 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mail.runtime.ca7dc427.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
228 kB (228356 bytes)
Hash
26fe850ae0ccce63b6b7a7a3a21e9625
7ab9f47f5b2910a26bb83e4262d8219a5fd593fe
349d329a531d351332f6d1e6b28753e4cd0523c8d9ac79d82434913953383fa3

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.mail.runtime.ca7dc427.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 127702
last-modified: Sun, 25 May 2025 03:01:00 GMT
x-ms-request-id: d3f59b44-b01e-0009-6526-cdba44000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611884,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.3267036c&TotalRTCDNTime=1&CompressionType=br&FileSize=127702"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET otpurn.com/mail/favicon.ico

0.0.0.0

0 B

URL GET
otpurn.com/mail/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - NakedPages Phishing Kit

HTTP Headers

GET /mail/favicon.ico HTTP/1.1
Host: otpurn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: qPdM=yMLpZGZjxKjk; qPdM.sig=_4n5O7rm5XfthN-T76v9WJYDhew; ClientId=D23440C2239F4EFBABDEEEC89654B94E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

GET res.public.onecdn.static.microsoft/assets/mail/pwa/v1/pngs/apple-touch-icon.png

23.36.76.179

200 OK

11 kB

URL GET
res.public.onecdn.static.microsoft/assets/mail/pwa/v1/pngs/apple-touch-icon.png
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
11 kB (11231 bytes)
Hash
0801b8712fb56f193b0a8ce9ef5a29b8
7d70aa738fe6a7769162a7655a895b40e35685ff
2344bf99eba344e5340c3a4ffca47a65ca036e7d5764e4f1fbcb8179d0fc11d4

HTTP Headers

GET /assets/mail/pwa/v1/pngs/apple-touch-icon.png HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 11231
content-type: image/png
last-modified: Tue, 19 Oct 2021 00:48:18 GMT
x-ms-request-id: 8148ab3c-a01e-0005-2c1f-5b2d4c000000
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:09 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12320615,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454009.bbff67&TotalRTCDNTime=32&CompressionType=&FileSize=11231"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=32, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai

GET login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://otpurn.com/organizations/oauth2/v2.0/authorize

20.190.181.6

400 Bad Request

452 B

URL GET
login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://otpurn.com/organizations/oauth2/v2.0/authorize
IP
20.190.181.6:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subjectstamp2.login.microsoftonline.com
Fingerprint8C:66:91:AB:FB:11:0C:48:23:F3:9F:5C:3C:70:93:14:CC:29:1B:A3
ValidityFri, 23 May 2025 05:26:40 GMT - Wed, 19 Nov 2025 05:26:40 GMT

File type
JSON text data
Size
452 B (452 bytes)
Hash
f2f39f6eee8cc8675508ce0c9fd7c618
78bbf211287f1c6c7354f948808ce3949f8dc79f
2bfb192b7e0e5959830e00596fd2e51c3ccb4cbd7d86472289c0cf5ccafb76ef

HTTP Headers

GET /common/discovery/instance?api-version=1.1&authorization_endpoint=https://otpurn.com/organizations/oauth2/v2.0/authorize HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
cache-control: private
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 6a27797a-5743-4ff7-bdff-1fbdf2a80c00
x-ms-ests-server: 2.1.20824.5 - NEULR1 ProdSlices
access-control-expose-headers: x-ms-srs
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-tuqeQafUXDb6oIfYVXKcDQ' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
x-xss-protection: 0
set-cookie: fpc=AuPFrxBb-XJKt6MHB2e_2cI; expires=Fri, 27-Jun-2025 17:40:10 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQExL3OKI_xXEUYFZwXLJYmlahrcWGxTeEtBuvEGsw-0av_wgzNrblf6B3abZfaryulq9pgZ-K-msy21RTTyL-mKzJDCj8RfgnYM83739Sf4cYErkL1Us51rdUKEwYc5E538saEnUU7HzUU3vvXcn9_z0jIsFVWdrtILLwrh-fWTKYgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
date: Wed, 28 May 2025 17:40:09 GMT
content-length: 452
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/946f88a70d9d56b1/1748453992160/bxA1jEs8xsO_5YV

104.18.95.41

200 OK

147 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/946f88a70d9d56b1/1748453992160/bxA1jEs8xsO_5YV
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
PNG image data, 34 x 9, 8-bit/color RGBA, non-interlaced
Size
147 B (147 bytes)
Hash
945277720bbb812a13387cf0199d5d85
43a2f97a098deb765156b5a3eafd37a45522b2b5
64f571c6c154df13da8349c2c6ff18ec399b6158833f9fffe51a3d4c1f23eb95

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/d/946f88a70d9d56b1/1748453992160/bxA1jEs8xsO_5YV HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:39:55 GMT
content-type: image/png
content-length: 147
priority: u=4,i=?0
server: cloudflare
cf-ray: 946f88c0aa0c56b1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js

23.36.76.179

200 OK

2.8 MB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
2.8 MB (2834334 bytes)
Hash
52d6a027aa667c30e83d1a717607564c
0f824c023ae837c13415db42ef74f0783823f03e
9ddfa12bedf1da4d75b2e08c5c64a5ae0b50e74a37bc7d927a0a7d09854e8a78

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.36078.m.e76f2ec9.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 690429
last-modified: Fri, 16 May 2025 13:44:41 GMT
x-ms-request-id: aa58387f-e01e-0004-32d7-c87290000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611893,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.32670375&TotalRTCDNTime=1&CompressionType=br&FileSize=690429"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-light.woff

23.36.76.179

200 OK

25 kB

URL GET
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-light.woff
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
Web Open Font Format, TrueType, length 24741, version 0.-12452
Size
25 kB (24741 bytes)
Hash
aca944af2bc632bfec1fbaafff11e777
5791bbc9a9faa31b289f6a3c7cd51885bc1baef5
d1ba065fe841593a501a70496d94029b0cc6e46be7d6ff44c4014ebd93300d0a

HTTP Headers

GET /assets/mail/fonts/v1/fonts/segoeui-light.woff HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 24741
last-modified: Tue, 19 Oct 2021 00:48:24 GMT
x-ms-request-id: e20cc26d-101e-004d-1d1f-5b307b000000
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322478,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc06ae&TotalRTCDNTime=11&CompressionType=&FileSize=24741"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-regular.woff

23.36.76.179

200 OK

35 kB

URL GET
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-regular.woff
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
Web Open Font Format, TrueType, length 34924, version 1.0
Size
35 kB (34924 bytes)
Hash
46749bbaebfe8f28b80df5381dd55aa4
ec0c969053ec70db78b2067955330b6d50df6300
07ec698b1036cdfbb8892f02d9510f5f671284fca9fa003b883996da040a444b

HTTP Headers

GET /assets/mail/fonts/v1/fonts/segoeui-regular.woff HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 34924
last-modified: Tue, 19 Oct 2021 00:48:15 GMT
x-ms-request-id: edc149e3-701e-0029-701f-5bc1e3000000
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322480,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc06b0&TotalRTCDNTime=11&CompressionType=&FileSize=34924"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-semibold.woff

23.36.76.179

200 OK

32 kB

URL GET
res.public.onecdn.static.microsoft/assets/mail/fonts/v1/fonts/segoeui-semibold.woff
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
Web Open Font Format, TrueType, length 31712, version 1.0
Size
32 kB (31712 bytes)
Hash
f9ec3999394b8cce87da4f77e45a5a6a
abb546981566494ea71c7e294caa59bd60906887
3711ba98ca34a5bc5ce6b79de62a1a2eee453f413d2123e912d1ae6b0b0c8b33

HTTP Headers

GET /assets/mail/fonts/v1/fonts/segoeui-semibold.woff HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 31712
last-modified: Tue, 19 Oct 2021 00:48:22 GMT
x-ms-request-id: 132f28fa-501e-004c-161f-5b6fa7000000
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322481,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc06b1&TotalRTCDNTime=11&CompressionType=&FileSize=31712"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
x-cdn-provider: Akamai

GET redirect.viglink.com/?format=go&jsonp=vglnk_1528334718170259&key=172579b97fa4d5e8c1a3c2918a03e499&libId=ji37348e01012xfz000DA40uyjt16&loc=jamestowndeals.com/rq3dv?q=Blumenau&btnG=Pesquisar&v=1&out=jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ=

52.16.229.40

302

0 B

URL User Request GET
redirect.viglink.com/?format=go&jsonp=vglnk_1528334718170259&key=172579b97fa4d5e8c1a3c2918a03e499&libId=ji37348e01012xfz000DA40uyjt16&loc=jamestowndeals.com/rq3dv?q=Blumenau&btnG=Pesquisar&v=1&out=jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ=
IP
52.16.229.40:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectviglink.com
FingerprintEA:F6:FD:43:24:5C:29:D3:A0:2B:63:BB:51:44:77:3C:63:93:38:42
ValiditySun, 11 Aug 2024 00:00:00 GMT - Mon, 08 Sep 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?format=go&jsonp=vglnk_1528334718170259&key=172579b97fa4d5e8c1a3c2918a03e499&libId=ji37348e01012xfz000DA40uyjt16&loc=jamestowndeals.com/rq3dv?q=Blumenau&btnG=Pesquisar&v=1&out=jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ= HTTP/1.1
Host: redirect.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 
Cache-Control: no-cache, no-store
Date: Wed, 28 May 2025 17:39:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ=
Pragma: no-cache
Content-Length: 0
Connection: keep-alive

GET jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ=

51.79.72.226

200 OK

0 B

URL User Request GET
jannanddl.com/aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ=
IP
51.79.72.226:80
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /aadmin/860387255806435580421707015687330a07771e19894b0a8aea2ea73c17f929/ZGF2ZS5idXJrYXJkQHNsdXJwbWFpbC5uZXQ= HTTP/1.1
Host: jannanddl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
refresh: 0;url=https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev?email=dave.burkard@slurpmail.net
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 28 May 2025 17:39:50 GMT
server: LiteSpeed

GET res.public.onecdn.static.microsoft/owamail/20250516009.14/resources/suiteux-shell/js/suiteux.shell.plus.js

23.36.76.179

200 OK

283 kB

URL GET
res.public.onecdn.static.microsoft/owamail/20250516009.14/resources/suiteux-shell/js/suiteux.shell.plus.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
283 kB (283307 bytes)
Hash
5cfd375d75abe80bf67db41e0d5d59ee
da6b4139233a313a86c58e1655f8ef810d0b5197
a251b5fd1080bb1ad5467aada8ed39c0f0483228cde52d06b18fd4d281bb8cb0

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	Detect files is `SliverFox` malware

HTTP Headers

GET /owamail/20250516009.14/resources/suiteux-shell/js/suiteux.shell.plus.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 67799
last-modified: Sun, 25 May 2025 02:57:17 GMT
x-ms-request-id: ebf69e63-601e-0047-5a26-cd94cc000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322602,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc072a&TotalRTCDNTime=11&CompressionType=br&FileSize=67799"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js

23.36.76.179

200 OK

23 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (22732), with no line terminators
Size
23 kB (22732 bytes)
Hash
b641973a3a369d7ba27ecf23d5f6ddad
170127cd6848adf9d62e5f74c4a71f1019c0651b
48c91ea308b0bd1851ce17bb8f1df433a787c2ccc8a4a5db20d96724cccbc5b9

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 8236
last-modified: Fri, 23 May 2025 02:08:06 GMT
x-ms-request-id: 180c7884-301e-0028-43f9-cb9e3f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:09 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12320513,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454009.bbff01&TotalRTCDNTime=11&CompressionType=br&FileSize=8236"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js

23.36.76.179

200 OK

19 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (18737), with no line terminators
Size
19 kB (18737 bytes)
Hash
109a568b4158d80c9b82b9c0a785e17b
2d48a8676b1a4b0c2289fc3d3ab4c7b393a54404
3dc80f180de52faec5d92263c8085e9e63fb7fde2bef00ee3990a85ffb2979d7

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 6634
last-modified: Wed, 14 May 2025 13:36:40 GMT
x-ms-request-id: c1be6b58-701e-0006-66ac-c8cc28000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845612052,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.32670414&TotalRTCDNTime=2&CompressionType=br&FileSize=6634"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=2, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.2deeea90.css

23.36.76.179

200 OK

107 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.2deeea90.css
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
Unicode text, UTF-8 text, with very long lines (65194), with no line terminators
Size
107 kB (106824 bytes)
Hash
04f7ddc7833c0f1b153ff2a5da6e7179
7fd0b1a8026be17a740989b885de9dd57b018899
162d372689492201a71477a0d2e105a8b9fa8047fcb4919461c314729a8ff4fd

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.AppBoot.m.2deeea90.css HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 18864
content-type: text/css
last-modified: Wed, 14 May 2025 13:37:55 GMT
x-ms-request-id: 973d639f-701e-0064-3dee-c40e0f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611891,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.32670373&TotalRTCDNTime=1&CompressionType=br&FileSize=18864"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36255.m.85592bef.js

23.36.76.179

200 OK

18 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36255.m.85592bef.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (17789), with no line terminators
Size
18 kB (17789 bytes)
Hash
07fbf5b4834cc35cd83b3f8fad1abd58
997308e5c5b2f8ef8bc663e9a70e6dc9479d5f9d
2a04686df1e38c21b160bfc6a40a11db7dd35e3208a69679cfb1dc4813ccb3de

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.36255.m.85592bef.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 6599
last-modified: Tue, 13 May 2025 13:39:13 GMT
x-ms-request-id: 76d2655b-501e-003e-7114-c468e8000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611786,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.3267030a&TotalRTCDNTime=0&CompressionType=br&FileSize=6599"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js

23.36.76.179

200 OK

23 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (22732), with no line terminators
Size
23 kB (22732 bytes)
Hash
b641973a3a369d7ba27ecf23d5f6ddad
170127cd6848adf9d62e5f74c4a71f1019c0651b
48c91ea308b0bd1851ce17bb8f1df433a787c2ccc8a4a5db20d96724cccbc5b9

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.MsalAuth.m.4006ac62.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 8236
last-modified: Fri, 23 May 2025 02:08:06 GMT
x-ms-request-id: 180c7884-301e-0028-43f9-cb9e3f000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611789,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.3267030d&TotalRTCDNTime=0&CompressionType=br&FileSize=8236"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36255.m.85592bef.js

23.36.76.179

200 OK

18 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.36255.m.85592bef.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (17789), with no line terminators
Size
18 kB (17789 bytes)
Hash
07fbf5b4834cc35cd83b3f8fad1abd58
997308e5c5b2f8ef8bc663e9a70e6dc9479d5f9d
2a04686df1e38c21b160bfc6a40a11db7dd35e3208a69679cfb1dc4813ccb3de

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.36255.m.85592bef.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 6599
last-modified: Tue, 13 May 2025 13:39:13 GMT
x-ms-request-id: 76d2655b-501e-003e-7114-c468e8000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:09 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12320510,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454009.bbfefe&TotalRTCDNTime=11&CompressionType=br&FileSize=6599"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js

23.36.76.179

200 OK

301 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
301 kB (301396 bytes)
Hash
594603948c8deae5eb49e47227625875
b8d251ac9faeb52637ee3e47362de05e44cdfc3f
085d1d2151db80b2fee87697b9fac5366d3002a0bc807afd507c683c547f5801

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 68424
last-modified: Thu, 15 May 2025 13:39:26 GMT
x-ms-request-id: 59a940d5-d01e-0020-79b1-c58430000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:09 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12320511,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454009.bbfeff&TotalRTCDNTime=11&CompressionType=br&FileSize=68424"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js

23.36.76.179

200 OK

19 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (18737), with no line terminators
Size
19 kB (18737 bytes)
Hash
109a568b4158d80c9b82b9c0a785e17b
2d48a8676b1a4b0c2289fc3d3ab4c7b393a54404
3dc80f180de52faec5d92263c8085e9e63fb7fde2bef00ee3990a85ffb2979d7

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.27755.m.d33f0608.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 6634
last-modified: Wed, 14 May 2025 13:36:40 GMT
x-ms-request-id: c1be6b58-701e-0006-66ac-c8cc28000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:09 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12320512,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454009.bbff00&TotalRTCDNTime=11&CompressionType=br&FileSize=6634"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.worker.data.62998d7f.js

23.36.76.179

200 OK

286 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.worker.data.62998d7f.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (60176)
Size
286 kB (285486 bytes)
Hash
60e20d024d15b46275fdf8f9b9e61955
9631b981737bb86fc46200e42bed298a01570260
577badbdcc0cd31363d80cd0041655fab265a28d42bdd9a1dc2f7fd1ead65bc8

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.worker.data.62998d7f.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://otpurn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 94415
last-modified: Thu, 22 May 2025 03:59:03 GMT
x-ms-request-id: 7d4d0875-e01e-0059-21e1-ca7814000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:09 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12320518,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454009.bbff06&TotalRTCDNTime=32&CompressionType=br&FileSize=94415"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=32, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://otpurn.com/common/oauth2/v2.0/authorize

20.190.181.6

400 Bad Request

452 B

URL GET
login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://otpurn.com/common/oauth2/v2.0/authorize
IP
20.190.181.6:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subjectstamp2.login.microsoftonline.com
Fingerprint8C:66:91:AB:FB:11:0C:48:23:F3:9F:5C:3C:70:93:14:CC:29:1B:A3
ValidityFri, 23 May 2025 05:26:40 GMT - Wed, 19 Nov 2025 05:26:40 GMT

File type
JSON text data
Size
452 B (452 bytes)
Hash
eceef10e647aab0a6489c28913c5572e
cbc8366a71cd6e2f2cb2c488b5967e60b62b0a56
ca103b6eb8f69ce008e323c0c37c68aa8b1855d32c094fc6e9cdeeef7c905472

HTTP Headers

GET /common/discovery/instance?api-version=1.1&authorization_endpoint=https://otpurn.com/common/oauth2/v2.0/authorize HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
cache-control: private
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: a7f75dd0-3b07-4115-86e4-707d2f1acc01
x-ms-ests-server: 2.1.20824.5 - FRC ProdSlices
access-control-expose-headers: x-ms-srs
x-ms-srs: 1.P
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-U6Jo2tN9hXH0YYrGUlsmVw' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All
x-xss-protection: 0
set-cookie: fpc=AmOE7jiRSOhFuXyOFqElUJA; expires=Fri, 27-Jun-2025 17:40:10 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEKSX68SqGZ6hHfjQUWyQR-5buq80HCxlKoxolt1vEEg3y5IhAX_To-5ueKrZT_BVq8fbnIRfUovIMJKcKPZQxMeNk_UTsKp9xmQ95vGBmqqh4BEu_z3KA2oVhnYHlAzZPIeFtY_pf70v9AydtdOAIjtGIfeeoyk-3u1hci7XMr1AgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
date: Wed, 28 May 2025 17:40:10 GMT
content-length: 452
X-Firefox-Spdy: h2

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js

23.36.76.179

200 OK

1.9 MB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
1.9 MB (1887700 bytes)
Hash
96c0fd2b17d4db73154832168d3f7d48
01df63e4770efca8eae11b2a10ba9c2a61840c96
03767db2b2f9cdcce4152d7782a7f2bebb47a392f6db39c4e8c5e19a0b59ff30

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 516238
last-modified: Wed, 21 May 2025 04:04:26 GMT
x-ms-request-id: 7176178d-201e-000b-6d09-ca04fc000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322438,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc0686&TotalRTCDNTime=11&CompressionType=br&FileSize=516238"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET res.public.onecdn.static.microsoft/owamail/20250516009.14/resources/suiteux-shell/js/suiteux.shell.core.js

23.36.76.179

200 OK

207 kB

URL GET
res.public.onecdn.static.microsoft/owamail/20250516009.14/resources/suiteux-shell/js/suiteux.shell.core.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (56202)
Size
207 kB (206829 bytes)
Hash
0647d21bc23cf3a206b57a22bbcc9e9d
31dd9f462c3fea9af9097e2021faccdd51320ac2
8e494280b0419db8c5669d7221f49bd348ce721bee43503d070b2a64180fde8e

HTTP Headers

GET /owamail/20250516009.14/resources/suiteux-shell/js/suiteux.shell.core.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 67604
last-modified: Sun, 25 May 2025 02:57:14 GMT
x-ms-request-id: 0b26fba2-b01e-0019-5326-cd7f2c000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:11 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.175,b=12322488,c=g,n=NO__OSLO,o=20940]
quic-version: 0x00000001
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.af4c2417.1748454011.bc06b8&TotalRTCDNTime=11&CompressionType=br&FileSize=67604"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=11, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai

GET 5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net

172.67.154.102

200 OK

6.8 kB

URL User Request GET
5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
IP
172.67.154.102:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subject1a90ef4bd33032bbd4554830.workers.dev
Fingerprint3F:18:AD:9F:99:B7:0D:E3:DB:71:26:26:78:31:E0:25:FC:F7:32:79
ValidityThu, 22 May 2025 12:49:28 GMT - Wed, 20 Aug 2025 13:48:00 GMT

File type
HTML document, ASCII text
Size
6.8 kB (6838 bytes)
Hash
20b33e096de45b7b5d91ddab9ee8e15a
7126e534b6d2b21453d797b352c32442668e37d1
86db0f4440b14db210fc274c1f687a49f8f0f6bd723d29208c0f6e8139ee0baf

HTTP Headers

GET /?email=dave.burkard@slurpmail.net HTTP/1.1
Host: 5f3050f6.1a90ef4bd33032bbd4554830.workers.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 17:39:51 GMT
content-type: text/html
cf-ray: 946f88a429ecf011-PRG
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HT9izVWnHXNhjBTDRrsnA3RCAI05A3Qd3FmOudt7ncebUNz4Q2V0e5ZbfnMR2036VILXId80%2F3x%2BjmcqCY461PNUNE9rPPEcQk3%2BluYxIk63g5dQZWE6GzthMiOa6RZfE045dmqWtaT%2BXHNnTLUouU2B75%2FsbZwSItNSU3QUVM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=29491&min_rtt=23948&rtt_var=13896&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1172&delivery_rate=180548&cwnd=255&unsent_bytes=0&cid=be3f354ea09056c4&ts=123&x=0"
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

104.18.95.41

200 OK

86 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced
Size
86 B (86 bytes)
Hash
70c202196187ab3c11b4e094c20c6de1
9c52b959e74aee9d79cbc9f35d1f9f65a3b8c863
6255b9231d09ebe6aa1ac19ba46bdd81f3df58989c9ef2e11d6cd6e2e7b21643

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:39:51 GMT
content-type: image/png
content-length: 86
priority: u=4,i=?0
server: cloudflare
cf-ray: 946f88a82f8e56b1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

104.18.95.41

200 OK

227 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1970388246:1748453621:ABdzdO3DuHZ_-pCFSMGHde5bY6gm8S49a785nUEvDTQ/946f88a70d9d56b1/axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
227 kB (226856 bytes)
Hash
ec500277146e2d737e8233fa76e5270e
6da0ac2ea476a7ad3c528f841901f65f79e09b65
075d63592274b5fc33aa93ad0e5ca9b96f32bbfcaad1e03d98fede41c9777399

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1970388246:1748453621:ABdzdO3DuHZ_-pCFSMGHde5bY6gm8S49a785nUEvDTQ/946f88a70d9d56b1/axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
cf-chl: axdg1A6w71fOvQfAOuYBaLBMzyOYmpoS10.cuF7Yh_4-1748453991-1.2.1.1-LzdlZqYUE7sDF.dwou8p3_el1sEfXNFx59L_Ko4YUg66OejTQXAmozq8qhkewPt2
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3326
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:39:52 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: fVHDFOuKBclLczeI/tZLQcUZ+Fm37XlFkicW7rlk5NhHidTHXW4yDq+wS7RDyQvRk0m3zMMc+ABNBmT1yBUTGxKc4t00J3R0ynlKWoKY3ZGayVVHTUhQjU70UWjL3zNX4QRvC+axlaqD3ZE333Fk21mwkaO+fc4/35y4zi1CVNKLP/5DL8WOAOFsxwFuYb6a8F/fFTzlvf/2bj9fH175C4q781Tt5Zg9yTyytMm7hD242NWMejqBgLY+TSY10egTIXYfbb7VRkWB8+kGUO1OSLXafMVVshjMdmEx+5G6TXoU11wBwEnNFaCZtT3a+fGzmExpd4YpwLXJixrx5tc3ZxpWjk+W7h6D7MmavWmhlIHdvT3clVXqelkqks+/LBrPw9V68cTePaj7TdL72bSf+5JobwLMGe2yW91KNbuOowG/g6dh8ymg96jRxR0HjNONqlJ9Ujfq6gf51lB/emwZKIpz+KNsGqNzToKaRn80TsEBEkwX1XXUdwKX2+D5e6r93kP606Aig+pIOhxvbITLqInt/lw1wEEXgidYGDQU0RqxWi+kzhvhRC8kxkaE1iLDObLw0uih5wywF4nrj3/iN4GkRXCes0v34LKQBsSDzus8NjYGaFZHk3tpBKbWUZLvdUSCHoPjd6ikomoew/4oC7nTm6QbA8UjiPMF9LrocbBVobSO4H3RQsDDw1706QAfhXml1SPch2zfwQdVSxkwcKK6RAD+oyq8fRFK8NxX25uYqhowMdR3dUTckmquAQsNdsdn59SOS7ReZmYa7dbf0A==$Aky4Z33IXlzwW//QxatV8w==
priority: u=3,i=?0
server: cloudflare
cf-ray: 946f88aa7b9456b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

OPTIONS praivosecurity.com/?ghrvvves&qrc=dave.burkard@slurpmail.net

196.251.85.17

200 OK

0 B

URL OPTIONS
praivosecurity.com/?ghrvvves&qrc=dave.burkard@slurpmail.net
IP
196.251.85.17:443
ASN
#0

Requested by
https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
Certificate
IssuerLet's Encrypt
Subjectpraivosecurity.com
FingerprintBF:18:DC:48:05:7E:24:4E:2F:B5:96:EB:2C:90:BE:95:9F:39:AC:49
ValidityTue, 27 May 2025 16:05:36 GMT - Mon, 25 Aug 2025 16:05:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - NakedPages Phishing Kit

HTTP Headers

OPTIONS /?ghrvvves&qrc=dave.burkard@slurpmail.net HTTP/1.1
Host: praivosecurity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: qrc-auth
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
Origin: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Date: Wed, 28 May 2025 17:40:06 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET praivosecurity.com/?ghrvvves&qrc=dave.burkard@slurpmail.net

196.251.85.17

200 OK

320 B

URL GET
praivosecurity.com/?ghrvvves&qrc=dave.burkard@slurpmail.net
IP
196.251.85.17:443
ASN
#0

Requested by
https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
Certificate
IssuerLet's Encrypt
Subjectpraivosecurity.com
FingerprintBF:18:DC:48:05:7E:24:4E:2F:B5:96:EB:2C:90:BE:95:9F:39:AC:49
ValidityTue, 27 May 2025 16:05:36 GMT - Mon, 25 Aug 2025 16:05:35 GMT

File type
JSON text data
Size
320 B (320 bytes)
Hash
4cc476e24f200b3d69759e3c02e23dac
1e1d0bb8877e482635999c261acdd9c543163d81
5172555c1a3956d7caa4d660665feed0e4d14f490a9eea52ce39ec4427a97a36

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - NakedPages Phishing Kit

HTTP Headers

GET /?ghrvvves&qrc=dave.burkard@slurpmail.net HTTP/1.1
Host: praivosecurity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
qrc-auth: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Origin: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Set-Cookie: qPdM=yMLpZGZjxKjk; path=/; samesite=none; secure; httponly
qPdM.sig=_4n5O7rm5XfthN-T76v9WJYDhew; path=/; samesite=none; secure; httponly
content-type: application/json
Access-Control-Allow-Origin: *
Date: Wed, 28 May 2025 17:40:06 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET otpurn.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL290cHVybi5jb20vIiwiZG9tYWluIjoib3RwdXJuLmNvbSIsImtleSI6InlNTHBaR1pqeEtqayIsInFyYyI6ImRhdmUuYnVya2FyZEBzbHVycG1haWwubmV0IiwiaWF0IjoxNzQ4NDU0MDA2LCJleHAiOjE3NDg0NTQxMjZ9.JQSl--c1WdyE8EG8Nl2vsVDxQQf5WURVfCvns4GjKO4

196.251.85.17

302 Found

13 kB

URL User Request GET
otpurn.com/?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL290cHVybi5jb20vIiwiZG9tYWluIjoib3RwdXJuLmNvbSIsImtleSI6InlNTHBaR1pqeEtqayIsInFyYyI6ImRhdmUuYnVya2FyZEBzbHVycG1haWwubmV0IiwiaWF0IjoxNzQ4NDU0MDA2LCJleHAiOjE3NDg0NTQxMjZ9.JQSl--c1WdyE8EG8Nl2vsVDxQQf5WURVfCvns4GjKO4
IP
196.251.85.17:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectotpurn.com
FingerprintAA:E0:18:6C:98:5D:05:5F:10:BD:C3:2C:02:3A:64:FB:44:9A:B8:FD
ValidityTue, 27 May 2025 16:04:04 GMT - Mon, 25 Aug 2025 16:04:03 GMT

File type

Size
13 kB (12877 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - NakedPages Phishing Kit

HTTP Headers

GET /?dataXX0=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL290cHVybi5jb20vIiwiZG9tYWluIjoib3RwdXJuLmNvbSIsImtleSI6InlNTHBaR1pqeEtqayIsInFyYyI6ImRhdmUuYnVya2FyZEBzbHVycG1haWwubmV0IiwiaWF0IjoxNzQ4NDU0MDA2LCJleHAiOjE3NDg0NTQxMjZ9.JQSl--c1WdyE8EG8Nl2vsVDxQQf5WURVfCvns4GjKO4 HTTP/1.1
Host: otpurn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Set-Cookie: qPdM=yMLpZGZjxKjk; path=/; samesite=none; secure; httponly
qPdM.sig=_4n5O7rm5XfthN-T76v9WJYDhew; path=/; samesite=none; secure; httponly
location: /?qrc=dave.burkard%40slurpmail.net
Date: Wed, 28 May 2025 17:40:06 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.487dd620.js

23.36.76.179

200 OK

369 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.mailindex.487dd620.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
369 kB (369415 bytes)
Hash
7fb53aeaaa359f5305fb8722fa3b8c72
3b15cad3290099999da3e6e005841663dd303cdb
a106c906fe36bd13c2bbf8b7bef00ba9c3f39781a174c612cab03cb73a283c86

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.mailindex.487dd620.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 120260
last-modified: Thu, 22 May 2025 03:58:27 GMT
x-ms-request-id: d80645bd-501e-003e-3ae1-ca68e8000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611892,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.32670374&TotalRTCDNTime=1&CompressionType=br&FileSize=120260"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=1, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/api.js

104.18.95.41

200 OK

48 kB

URL GET
challenges.cloudflare.com/turnstile/v0/g/6fab0cec561d/api.js
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
JavaScript source, ASCII text, with very long lines (48199)
Size
48 kB (48200 bytes)
Hash
3946a8b345d6020f3f424ae5f37e818f
27267dd319814b647f04bfe0ae09e1ca51ddc896
a7fdcf655a6349724c367f366c852b2e0309e9ad7a25b376df82a48e1dd98482

HTTP Headers

GET /turnstile/v0/g/6fab0cec561d/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 28 May 2025 17:39:51 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 12 May 2025 13:39:20 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 946f88a64efb5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET 5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/favicon.ico

172.67.154.102

200 OK

6.8 kB

URL GET
5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/favicon.ico
IP
172.67.154.102:443
ASN
#13335 CLOUDFLARENET

Requested by
https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
Certificate
IssuerGoogle Trust Services
Subject1a90ef4bd33032bbd4554830.workers.dev
Fingerprint3F:18:AD:9F:99:B7:0D:E3:DB:71:26:26:78:31:E0:25:FC:F7:32:79
ValidityThu, 22 May 2025 12:49:28 GMT - Wed, 20 Aug 2025 13:48:00 GMT

File type
HTML document, ASCII text
Size
6.8 kB (6807 bytes)
Hash
5ae64ff712069410b66e73eee83b55a5
6db316cdaf8f94d385e428dceabfbdc3dc272ae5
5466ca802682c9b91a2481a1a8f59533a046b79434746b66313745ef2491344e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 5f3050f6.1a90ef4bd33032bbd4554830.workers.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5f3050f6.1a90ef4bd33032bbd4554830.workers.dev/?email=dave.burkard@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:39:51 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FQ2cXsLqeikK5jEYBk3qfmSOsdpFFxlpsCIhZkdOI6%2FbeE%2FBa6lTEsebsdRTGx9aLsJseDeGxBXD8suqgBPE7FhNWjQlt4oktNtgNBmUp2P2VESf17pyMS3tQc0AlEFDaiqP6ZUMqXLVmI4rXvAxwHJesj3Ay7IHkzYVF%2BsSIg%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
cf-ray: 946f88a6ebf8417b-HAM
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18622&min_rtt=15923&rtt_var=6358&sent=19&recv=20&lost=0&retrans=0&sent_bytes=4196&recv_bytes=1882&delivery_rate=155451&cwnd=12000&unsent_bytes=0&cid=199cea811d42c149&ts=504&x=80"

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=946f88a70d9d56b1&lang=auto

104.18.95.41

200 OK

114 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=946f88a70d9d56b1&lang=auto
IP
104.18.95.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint66:48:DF:B4:8B:9D:6A:8C:3A:B7:0F:CF:92:C7:AF:56:B9:3D:A2:1C
ValidityTue, 29 Apr 2025 17:49:00 GMT - Mon, 28 Jul 2025 18:48:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (114338 bytes)
Hash
4d9ae33f9b981cadedd8883e538c789e
c9dd5f64535181c8f30c53288f16e855dd9c9ec9
1174d7310e1dd68a6134ceb3e993a077ff919f06975e6b18ef0c7deb1c10d663

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=946f88a70d9d56b1&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nydbz/0x4AAAAAABewge3pt3p2SHwo/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 28 May 2025 17:39:51 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 946f88a83fcd56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js

23.36.76.179

200 OK

1.9 MB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
1.9 MB (1887700 bytes)
Hash
96c0fd2b17d4db73154832168d3f7d48
01df63e4770efca8eae11b2a10ba9c2a61840c96
03767db2b2f9cdcce4152d7782a7f2bebb47a392f6db39c4e8c5e19a0b59ff30

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.AppBoot.m.41f7c64e.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 516238
last-modified: Wed, 21 May 2025 04:04:26 GMT
x-ms-request-id: 7176178d-201e-000b-6d09-ca04fc000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.116,b=845611781,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.32670305&TotalRTCDNTime=0&CompressionType=br&FileSize=516238"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js

23.36.76.179

200 OK

301 kB

URL GET
res.public.onecdn.static.microsoft/owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js
IP
23.36.76.179:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerMicrosoft Corporation
Subject*.public.onecdn.static.microsoft
FingerprintDA:6B:54:51:45:33:19:15:88:0A:52:3C:DB:68:FC:AD:F9:44:BE:4A
ValidityMon, 16 Dec 2024 20:47:14 GMT - Thu, 11 Dec 2025 20:47:14 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
301 kB (301396 bytes)
Hash
594603948c8deae5eb49e47227625875
b8d251ac9faeb52637ee3e47362de05e44cdfc3f
085d1d2151db80b2fee87697b9fac5366d3002a0bc807afd507c683c547f5801

HTTP Headers

GET /owamail/hashed-v1/scripts/owa.94868.m.95e1be97.js HTTP/1.1
Host: res.public.onecdn.static.microsoft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 68424
last-modified: Thu, 15 May 2025 13:39:26 GMT
x-ms-request-id: 59a940d5-d01e-0020-79b1-c58430000000
content-encoding: br
cache-control: max-age=630720000
date: Wed, 28 May 2025 17:40:08 GMT
akamai-request-bc: [a=23.36.76.116,b=845611787,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454008.3267030b&TotalRTCDNTime=0&CompressionType=br&FileSize=68424"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

GET res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2

23.36.76.120

200 OK

36 kB

URL GET
res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
IP
23.36.76.120:443
ASN
#20940 Akamai International B.V.

Requested by
https://otpurn.com/mail/?login_hint=dave.burkard%40slurpmail.net
Certificate
IssuerDigiCert Inc
Subject*.public.cdn.office.net
Fingerprint4D:76:68:BA:18:F2:E4:E0:DA:01:64:B6:85:9D:C5:C9:B0:82:95:E2
ValidityThu, 06 Feb 2025 00:00:00 GMT - Fri, 06 Feb 2026 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 36344, version 0.0
Size
36 kB (36344 bytes)
Hash
865f1db6545fc94a2f4444dd60e7bbc6
b00d806dd42101881ab94e1c96f8235b74f6ab7f
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

HTTP Headers

GET /files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2 HTTP/1.1
Host: res-1.cdn.office.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://otpurn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 36344
content-type: font/woff2
last-modified: Tue, 15 Aug 2023 21:20:29 GMT
x-ms-request-id: 5fa8d819-a01e-001b-5cf1-6cbe18000000
cache-control: public, max-age=630720000
date: Wed, 28 May 2025 17:40:12 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,quic=":443"; ma=93600; v="43"
akamai-request-bc: [a=23.36.76.116,b=845618140,c=g,n=NO__OSLO,o=20940]
ak-network: FF
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=OSLO&ASN=20940&Country=NO&Region=&RequestIdentifier=0.744c2417.1748454012.32671bdc&TotalRTCDNTime=0&CompressionType=&FileSize=36344"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=0, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn-provider: Akamai
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (61)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML