bsrworks.net/bsrw/cgib/%7Bcount%7D/a2RvZGRzQGpqbWF1Z2V0LmNvbQ==
199.204.248.120 200 OK 0 B URL User Request GET HTTP/1.1 bsrworks.net/bsrw/cgib/%7Bcount%7D/a2RvZGRzQGpqbWF1Z2V0LmNvbQ==
IP 199.204.248.120:443
Certificate Issuer: Let's Encrypt
Subject: webdisk.bsrworks.net
Fingerprint: 43:CA:F6:6C:7D:07:4F:C0:DA:FC:61:E2:72:15:B7:35:7D:66:DB:AB
Validity: Tue, 07 Nov 2023 19:56:38 GMT - Mon, 05 Feb 2024 19:56:37 GMT
Hash (the response body is 0 B and the redirect is carried by the refresh response header, so these are the digests of empty input and do not identify this page)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
GET /bsrw/cgib/%7Bcount%7D/a2RvZGRzQGpqbWF1Z2V0LmNvbQ== HTTP/1.1
Host: bsrworks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 16 Nov 2023 14:40:59 GMT
Server: Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
refresh: 0;url=https://refreshingcomplete.com/Mkdodds@jjmauget.com
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
refreshingcomplete.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82707cd2798e5684
188.114.96.1 200 OK 173 kB URL GET HTTP/3 refreshingcomplete.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82707cd2798e5684
IP 188.114.96.1:443
Requested by https://refreshingcomplete.com/Mkdodds@jjmauget.com
Certificate Issuer: Let's Encrypt
Subject: refreshingcomplete.com
Fingerprint: 33:EF:EA:04:87:01:7E:F7:C5:67:E3:64:FF:39:94:C3:F0:72:3B:65
Validity: Wed, 15 Nov 2023 18:26:58 GMT - Tue, 13 Feb 2024 18:26:57 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 173 kB (172823 bytes)
Hash
MD5: b0ce97c3e76f1add3c5b92651d343ded
SHA-1: 5619443f036e245d5e6c378130a90d9a940f2e84
SHA-256: 8296da47718b653019923f30f4a5a20927103cfbbe24c9df45f67734edbdbc24
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82707cd2798e5684 HTTP/1.1
Host: refreshingcomplete.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refreshingcomplete.com/Mkdodds@jjmauget.com?__cf_chl_rt_tk=0f8BIftrGSagNmF18K5eFcX5tAQ_Pa3w9qU7MSjk.m8-1700145610-0-gaNycGzNDaU
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 16 Nov 2023 14:40:10 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bhw7pt%2BMfdngjzFzE26tAXH676jhDxPvR%2FGhNqMpZhzWdr%2BD%2Fwqwvc6kLabVZjMAeu6DyX%2BGYxwt09uqMMC34DnLJ8pju2W3MupzAlRUDqqtsc2kbrf%2B1Ao84tKmPJfoWLPR7Ptyl2hc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82707cd3789c7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
refreshingcomplete.com/favicon.ico
188.114.96.1 403 Forbidden 5.7 kB URL GET HTTP/3 refreshingcomplete.com/favicon.ico
IP 188.114.96.1:443
Requested by https://refreshingcomplete.com/Mkdodds@jjmauget.com
Certificate Issuer: Let's Encrypt
Subject: refreshingcomplete.com
Fingerprint: 33:EF:EA:04:87:01:7E:F7:C5:67:E3:64:FF:39:94:C3:F0:72:3B:65
Validity: Wed, 15 Nov 2023 18:26:58 GMT - Tue, 13 Feb 2024 18:26:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5771), with no line terminators
Hash
MD5: 46e528153fc159a23d2a09c8760f8063
SHA-1: edb535ccea40663d8a42779543edeb58e7bf5529
SHA-256: a351bf51e11aa631a924b794eb4b6db7fa199e271ac869018c89110bcbe3b648
GET /favicon.ico HTTP/1.1
Host: refreshingcomplete.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refreshingcomplete.com/Mkdodds@jjmauget.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Thu, 16 Nov 2023 14:40:10 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkT4ut%2BlIO7TLNQZLO3el45Pk6EQaXJySLejNjW70UJ%2BPxAtKPeJVtYwBInQqy2hoR98SkUuVl7yi1WVhcPYoAS6o4x5TDqZ1F7kYy6uyHsVQqKstykRiflvexZS37JvJ5H5X5RpX0s7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82707cd3a8d47127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
refreshingcomplete.com/favicon.ico
188.114.96.1 403 Forbidden 5.7 kB URL GET HTTP/3 refreshingcomplete.com/favicon.ico
IP 188.114.96.1:443
Requested by https://refreshingcomplete.com/Mkdodds@jjmauget.com
Certificate Issuer: Let's Encrypt
Subject: refreshingcomplete.com
Fingerprint: 33:EF:EA:04:87:01:7E:F7:C5:67:E3:64:FF:39:94:C3:F0:72:3B:65
Validity: Wed, 15 Nov 2023 18:26:58 GMT - Tue, 13 Feb 2024 18:26:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5749), with no line terminators
Hash
MD5: d3e7e4b9793e8793b169f25e1bb3aabd
SHA-1: cd0838f39d96a3ff39b47f78aeb58f01b59ac85f
SHA-256: c724e1c7d69a55b1f219e8f51e1027449a2c6b7a353e14862ad352e963917015
GET /favicon.ico HTTP/1.1
Host: refreshingcomplete.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refreshingcomplete.com/Mkdodds@jjmauget.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Thu, 16 Nov 2023 14:40:10 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0FH2ri2pO5IWgtXZ5m%2B%2F%2FZwsa8oKYn2usyW9gbmthSmPCnMeIzpKhAQ%2BjgX0uOMTiXjxXDMo54WPX1FCWI2XON5lYrS44eUciU8r8JvYJvWB%2FrdzK9V8h0cHkM1C%2B0V9edZpv43aOMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82707cd419527127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5hq5k/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
0.0.0.0 0 B URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5hq5k/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP 0.0.0.0:0
Requested by https://refreshingcomplete.com/Mkdodds@jjmauget.com
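Hash (0 B was recorded for this request, so these are the digests of empty input and are not usable as indicators)
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855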
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/5hq5k/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
refreshingcomplete.com/Mkdodds@jjmauget.com
188.114.96.1 403 Forbidden 6.8 kB URL User Request GET HTTP/2 refreshingcomplete.com/Mkdodds@jjmauget.com
IP 188.114.96.1:443
Certificate Issuer: Let's Encrypt
Subject: refreshingcomplete.com
Fingerprint: 33:EF:EA:04:87:01:7E:F7:C5:67:E3:64:FF:39:94:C3:F0:72:3B:65
Validity: Wed, 15 Nov 2023 18:26:58 GMT - Tue, 13 Feb 2024 18:26:57 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6812), with no line terminators
Hash
MD5: a95aa6da22db140141e51cb537192026
SHA-1: 65166d807652760303137cc2726857286c195c6c
SHA-256: 32bd8f4ed80d716efd1a4925a247551102af2c21d6036976beff5f7d2539f986
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
GET /Mkdodds@jjmauget.com HTTP/1.1
Host: refreshingcomplete.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 16 Nov 2023 14:40:10 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vPoAh9pGr0Ih64pReHotzWrNWhBNtczK9WTzx7jIDbCSEbypZglABFwS2jc4MFlAnBTHjzwEJ0qDS1SP2VjCWJl2DZRSXyDAr3OiJktjsSL0Ji8y1Enc1k2j3mU%2FkpgUJCv0Kfw24r1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82707cd2798e5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
refreshingcomplete.com/cdn-cgi/styles/challenges.css
188.114.96.1 200 OK 6.6 kB URL GET HTTP/3 refreshingcomplete.com/cdn-cgi/styles/challenges.css
IP 188.114.96.1:443
Requested by https://refreshingcomplete.com/Mkdodds@jjmauget.com
Certificate Issuer: Let's Encrypt
Subject: refreshingcomplete.com
Fingerprint: 33:EF:EA:04:87:01:7E:F7:C5:67:E3:64:FF:39:94:C3:F0:72:3B:65
Validity: Wed, 15 Nov 2023 18:26:58 GMT - Tue, 13 Feb 2024 18:26:57 GMT
File type ASCII text, with very long lines (6608), with no line terminators
Hash
MD5: f0fd80732479959c893cfd7380f594bd
SHA-1: 04111102f46bc02c195561743b3f41b4d5a349ca
SHA-256: 704e70fc0fd54cb83a1100d48093680b73e0d3c45a32dc326c38355185aaf37f
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: refreshingcomplete.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refreshingcomplete.com/Mkdodds@jjmauget.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 16 Nov 2023 14:40:10 GMT
content-type: text/css
last-modified: Wed, 15 Nov 2023 11:15:36 GMT
etag: W/"6554a858-19c8"
server: cloudflare
cf-ray: 82707cd348547127-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 16 Nov 2023 16:40:10 GMT
cache-control: max-age=7200, public
content-encoding: gzip
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
104.17.3.184 200 OK 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
IP 104.17.3.184:443
Requested by https://refreshingcomplete.com/Mkdodds@jjmauget.com
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (34253)
Hash
MD5: 6142a5f5c66e2c1be52ee9506a565962
SHA-1: c3b39e8352efd1e0619b6dd62af8b2a917622868
SHA-256: 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
GET /turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refreshingcomplete.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 16 Nov 2023 14:40:10 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 82707cd46dbfb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
refreshingcomplete.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2096816687:1700141191:3m2Jvf_-hmdMFZEXx-MvC9QdJcVT_cXjELUNoTmXvlY/82707cd2798e5684/1fe11a00f26ba21
188.114.96.1 200 OK 13 kB URL POST HTTP/3 refreshingcomplete.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2096816687:1700141191:3m2Jvf_-hmdMFZEXx-MvC9QdJcVT_cXjELUNoTmXvlY/82707cd2798e5684/1fe11a00f26ba21
IP 188.114.96.1:443
Requested by https://refreshingcomplete.com/Mkdodds@jjmauget.com
Certificate Issuer: Let's Encrypt
Subject: refreshingcomplete.com
Fingerprint: 33:EF:EA:04:87:01:7E:F7:C5:67:E3:64:FF:39:94:C3:F0:72:3B:65
Validity: Wed, 15 Nov 2023 18:26:58 GMT - Tue, 13 Feb 2024 18:26:57 GMT
File type ASCII text, with very long lines (12704), with no line terminators
Hash
MD5: 85b08ad82b1b379e6da67ce536c96205
SHA-1: 976849b87d44f03cc3187e9ec906c0e1b80d6d0b
SHA-256: f0903b762da8d0d98ad87d1cbfce4d1cc592798b9fd311e91141e51c5869de28
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2096816687:1700141191:3m2Jvf_-hmdMFZEXx-MvC9QdJcVT_cXjELUNoTmXvlY/82707cd2798e5684/1fe11a00f26ba21 HTTP/1.1
Host: refreshingcomplete.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refreshingcomplete.com/Mkdodds@jjmauget.com
Content-type: application/x-www-form-urlencoded
CF-Challenge: 1fe11a00f26ba21
Content-Length: 1850
Origin: https://refreshingcomplete.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 16 Nov 2023 14:40:11 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: cqoXX6CSPVzAY3KES03SidNwNPD9Dj0E61cNKmCosFANDNpXEYlGOAd3wRvyAhLF$VSvga9IUH4TjKAO04W/gLw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9TtG54vy74mBoKd70Hb9X7969Tilg%2B9YBVZf421j81a0weNhBXqhc0ysojYCLG79s1K26WojrNNld6lkfJgO7petVvYN9q2bHn4iFtmOjUjCWz03Zr92L1cuuPNdZvxFv76cQElHYhM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82707cd4ea717127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400