Report - lcci.lacci.shoes/Si7/shdss@slurpmail.net

Report Overview

Visitedpublic

2025-02-14 23:16:30

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pub-c725b9306af6448a91588027bec58565.r2.dev	unknown	2022-08-23	2025-02-14	2025-02-14	1.2 kB	107 kB	162.159.140.237
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-02-12	537 B	7.2 kB	104.17.24.14
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-02-12	470 B	31 kB	142.250.178.106
code.jquery.com	634	2005-12-10	2012-05-21	2025-02-12	965 B	158 kB	151.101.2.137
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-04-05	2025-02-12	478 B	52 kB	104.18.11.207
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-02-12	3.5 kB	146 kB	104.18.95.41
mail.ipg.su	unknown	2005-03-08	2014-08-13	2024-02-17	1.5 kB	18 kB	188.34.148.117
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-02-12	531 B	45 kB	104.18.10.207
lcci.lacci.shoes	unknown	2016-04-01	2024-10-24	2024-10-24	1.8 kB	69 kB	172.67.153.154

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (34)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-08-02
URL code.jquery.com/jquery-3.1.1.min.js IP / ASN 151.101.2.137 #54113 FASTLY Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 119810 Size 87 kB (86709 bytes) MD5 e071abda8fe61194711cfc2ab99fe104 SHA1 f647a6d37dc4ca055ced3cf64bbc1f490070acba SHA256 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Format Code Loading...

	unknown	ScriptElement	6.3 kB	2025-02-14	2025-07-12
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-02-14 Last Seen 2025-07-12 Times Seen 285 Size 6.3 kB (6315 bytes) MD5 b37cbf317b991cbdead44f9d5e660b15 SHA1 925419b559d2018cb48790d9d872752fc29bd23c SHA256 72f2f8e717ff31aba489b95c086a09aceac28629da8f197e6beb37418614efb9 Format Code Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	ScriptElement	86 kB	2023-03-07	2025-08-02
URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP / ASN 142.250.178.106 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 192122 Size 86 kB (85578 bytes) MD5 2f6b11a7e914718e0290410e85366fe9 SHA1 69bb69e25ca7d5ef0935317584e6153f3fd9a88c SHA256 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Format Code Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	ScriptElement	49 kB	2023-03-07	2025-08-02
URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP / ASN 104.18.10.207 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 85294 Size 49 kB (48944 bytes) MD5 14d449eb8876fa55e1ef3c2cc52b0c17 SHA1 a9545831803b1359cfeed47e3b4d6bae68e40e99 SHA256 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Format Code Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	ScriptElement	70 kB	2023-03-07	2025-08-02
URL code.jquery.com/jquery-3.2.1.slim.min.js IP / ASN 151.101.2.137 #54113 FASTLY Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 65865 Size 70 kB (69597 bytes) MD5 5f48fc77cac90c4778fa24ec9c57f37d SHA1 9e89d1515bc4c371b86f4cb1002fd8e377c1829f SHA256 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Format Code Loading...

	pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net	ScriptElement	53 kB	2025-02-14	2025-02-15
URL pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2025-02-14 Last Seen 2025-02-15 Times Seen 224 Size 53 kB (53287 bytes) MD5 2f40683af7f073975ff19d652ebfe6fe SHA1 3ed7d59ac7b034b5a3fb41ef5add30bf2b9daad4 SHA256 3d1f6cdc7b62c1e9c4edcd7477bacec2f051071ca92b1e8f4828fa9dfeb184b9 Format Code Loading...

	unknown	ScriptElement	4.1 kB	2025-02-14	2025-02-15
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-02-14 Last Seen 2025-02-15 Times Seen 224 Size 4.1 kB (4068 bytes) MD5 ffe523220ace1fcaff09c02f2be0f156 SHA1 cf5c1d0a4f4cbaf9cdba32aa4c5626e687ee97e1 SHA256 723c805dc330dcbc7ba34bc56d70d585b90853435819e20102e75df663f2d1fe Format Code Loading...

	unknown	ScriptElement	199 B	2025-02-14	2025-07-12
URL IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2025-02-14 Last Seen 2025-07-12 Times Seen 285 Size 199 B (199 bytes) MD5 ca440424007bff374ee0af871275956b SHA1 beb8d0f65c1a7c7fa04ece37f0ca4b8fd0089e38 SHA256 635ca0d4f91deaed5d8ce6161898a8fd4892ed9dac052e42314696f463da7af5 Format Code Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	ScriptElement	19 kB	2023-03-07	2025-08-02
URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP / ASN 104.17.24.14 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 84669 Size 19 kB (19188 bytes) MD5 70d3fda195602fe8b75e0097eed74dde SHA1 c3b977aa4b8dfb69d651e07015031d385ded964b SHA256 a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Format Code Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-08-02
URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP / ASN 104.18.11.207 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded false Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 107560 Size 51 kB (51039 bytes) MD5 67176c242e1bdc20603c878dee836df3 SHA1 27a71b00383d61ef3c489326b3564d698fc1227c SHA256 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Format Code Loading...

	unknown	EventHandler	9 B	2023-04-11	2025-08-02
URL IP / ASN 0.0.0.0 #0 Introduced by EventHandler Embedded false Resource Info First Seen 2023-04-11 Last Seen 2025-08-02 Times Seen 2622 Size 9 B (9 bytes) MD5 8330d67045d053b17fa969ef2bdb5e54 SHA1 041174325b27a7b4d2d1b1a0e353fa82d1cb6431 SHA256 ceecf99c8bd1f6e5f89a26d3b40e009d48860d674231297254ff75d817b9a883 Format Code Loading...

	HASH	FROM	Size	First Seen	Last Seen
	57dbc1bfb590f5f0e226d57c98e6cb20	DocumentWrite	18 kB	2025-02-12	2025-02-15
Introduced by DocumentWrite First Seen 2025-02-12 Last Seen 2025-02-15 Times Seen 309 Size 18 kB (17752 bytes) MD5 57dbc1bfb590f5f0e226d57c98e6cb20 SHA1 b39c755cca098ba9b37e389ba7fba9274cb96ab7 SHA256 7031479a3433537bc8583df9c4f1d86a01772522de48089cd0cb58092ddb2aff Format Code Loading...

	02832432d2c41b3b54935c6c8517aeb2	DocumentWrite	81 B	2023-03-07	2025-08-01
Introduced by DocumentWrite First Seen 2023-03-07 Last Seen 2025-08-01 Times Seen 595 Size 81 B (81 bytes) MD5 02832432d2c41b3b54935c6c8517aeb2 SHA1 88ee7006e448c0efa034d68f4a992ca22ab9ec4a SHA256 5ee5af17cb478a5fe5a8075109f67d37f9ae5c9b830cc1658b3e02b7ff296f0a Format Code Loading...

HTTP Transactions (19)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.18.95.41

302 Found

0 B

URL

challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

IP / ASN

104.18.95.41

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606738

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lcci.lacci.shoes/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 14 Feb 2025 23:15:58 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/324d0dcf743c/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 9120c3621968712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1

104.18.95.41

200 OK

61 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1

IP / ASN

104.18.95.41

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced

First Seen2023-08-25

Last Seen2025-05-14

Times Seen189286

Size61 B (61 bytes)

MD59246cca8fc3c00f50035f28e9f6b7f7d

SHA13aa538440f70873b574f40cd793060f53ec17a5d

SHA256c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7i0rm/0x4AAAAAAA8x78GeN6R-4yQs/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 23:15:58 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 9120c363c96cb4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/714716526:1739571851:NSWFB685tBreTUMhyzXnvb6U52B7kAmQrjkENeboVSM/9120c362d86fb4eb/afPu7XAesjl66UdFj8AIvSQjhbME16FETMoiDUNrM_A-1739574958-1.1.1.1-4YEh8RPbbv1T3jOySkgozRCjjOUvzzQSZRmZhtOTOUmHtqmN5ZxjSI3y0rGXvBfa

104.18.95.41

200 OK

142 kB

URL

IP / ASN

104.18.95.41

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeASCII text, with very long lines (65536), with no line terminators

First Seen2025-02-14

Last Seen2025-02-14

Times Seen1

Size142 kB (142459 bytes)

MD59c06f209828d0071d359317a390f6ef2

SHA106d3589c92b3130764fcb1ae0ead0febe6422f65

SHA256e5b88db18c8ef8b9b89ee4facdd9b78a1f10ddb9bc42790a52bf95ab3da1f5e7

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/714716526:1739571851:NSWFB685tBreTUMhyzXnvb6U52B7kAmQrjkENeboVSM/9120c362d86fb4eb/afPu7XAesjl66UdFj8AIvSQjhbME16FETMoiDUNrM_A-1739574958-1.1.1.1-4YEh8RPbbv1T3jOySkgozRCjjOUvzzQSZRmZhtOTOUmHtqmN5ZxjSI3y0rGXvBfa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7i0rm/0x4AAAAAAA8x78GeN6R-4yQs/auto/fbE/new/normal/auto/
cf-chl: afPu7XAesjl66UdFj8AIvSQjhbME16FETMoiDUNrM_A-1739574958-1.1.1.1-4YEh8RPbbv1T3jOySkgozRCjjOUvzzQSZRmZhtOTOUmHtqmN5ZxjSI3y0rGXvBfa
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2847
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 23:15:59 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Iqc5JV3+E83Sz4aigXd5Zq+jLU9+CiAkHEy8XUZaCeUVkow/eCW2GaSiVYqen0OZaxoET2KGeqvf8Rt1QvhMj39HgJry8hSNEKH1k1BGSAm27sup07gldjW6OFHl/lSckGcw2M/4GlgCaPoZ89PQ0opnHfqV5mWzKY5U/XHrXcUlIktQq2AxyurUjXFFJEqZsvmR/hbHbv8tjVktku9YZ9pSlUQVasyx46FPwjUaAB6+hWIoEUqUkuIvNRNElT9jzOP5ow0iWMtR/VhTnLqebj9SlzOeu/t3tI8L2tFj0pKfrNB++54YgLEwXnHyKm2g0fTCxXU8weUwr9/XJQ8isQiyYwY6enImaI3tTIxG1jmgmYAq4UbeIs45mrIjcE2dJuqeXX16QJ3en+NiZpKfqsvI4YGnbP9y4dF0i9Jaj0JSOlZRI/xF4qDgnPB3kHftc99EDaQ1plK89HJ7NnZUfm+tOYByUU3aRiANMmYJNARPZnA4MP3+HPlLNeKlrHE/sbpfXN6xTa9Xk/mzTUB2gQ==$jT3EBwZNRDzcUIJ8I78gDA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 9120c365bb8cb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/9120c362d86fb4eb/1739574959010/462bbd58f38b4c4e72c668b3469e0c82137852e11ae98d5a35ebf5515dd407d4/DC32uzB8MR89Da0

104.18.95.41

401 Unauthorized

1 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/9120c362d86fb4eb/1739574959010/462bbd58f38b4c4e72c668b3469e0c82137852e11ae98d5a35ebf5515dd407d4/DC32uzB8MR89Da0

IP / ASN

104.18.95.41

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typevery short file (no magic)

First Seen0001-01-01

Last Seen2025-08-02

Times Seen228391

Size1 B (1 bytes)

MD5ff44570aca8241914870afbc310cdb85

SHA158668e7669fd564d99db5d581fcdb6a5618440b5

SHA2566da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/9120c362d86fb4eb/1739574959010/462bbd58f38b4c4e72c668b3469e0c82137852e11ae98d5a35ebf5515dd407d4/DC32uzB8MR89Da0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7i0rm/0x4AAAAAAA8x78GeN6R-4yQs/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 14 Feb 2025 23:16:00 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gRiu9WPOLTE5yxmizRp4MghN4UuEa6Y1aNev1UV3UB9QAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIEYrvVjzi0xOcsZos0aeDIITeFLhGumNWjXr9VFd1AfUABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIEYrvVjzi0xOcsZos0aeDIITeFLhGumNWjXr9VFd1AfUABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAhyjrDP7zQ5ZzlMLlYQtQX3vhc-vT9nQ7vrqtgRKParT8Oth2rSDPTnsgZg0iIcHgtncvEYs0_AFSmWkTKaRR8Iz7b_fzAUi-ich_EvH2TqI1NNthkX9p1zMPjtsHF8NVHXodhKq5aA9XbyvYPzVrAAUN9o0pMmtujcCqS8YOBRudNJO0XwRK_wNP1hwo6DhxBLbEyRHXijqqhJ9tbnLXbevGkAZfTjcQMUyxlWFkqXxUtXoQl0eZGisKDTzujFuVC78iaFPaBtRicxYv7qyQYt2OPyy3ktlVVzlRWHIpb8TBpBGh2nwqDW0pwcsemsrEuZZ6gFpGH7Sg8fFX28x3bwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 9120c371a9d8b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9120c362d86fb4eb/1739574959014/hise_BNHsdc7XuM

104.18.95.41

200 OK

61 B

URL

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/9120c362d86fb4eb/1739574959014/hise_BNHsdc7XuM

IP / ASN

104.18.95.41

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typePNG image data, 38 x 45, 8-bit/color RGB, non-interlaced

First Seen2023-05-10

Last Seen2025-03-15

Times Seen69

Size61 B (61 bytes)

MD55d22265d1fd0adf1282863e5816fd6bb

SHA15fad966b5273935645530b6824477b9b05d9fcbb

SHA256828fd02a7d485c5779c11c3234a003312cb3ecb8c1bc0d3d759e0f8e8e00d409

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/d/9120c362d86fb4eb/1739574959014/hise_BNHsdc7XuM HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7i0rm/0x4AAAAAAA8x78GeN6R-4yQs/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 23:16:02 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 9120c3793a92b4eb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm

162.159.140.237

200 OK

53 kB

URL

pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm

IP / ASN

162.159.140.237

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (53285), with CRLF line terminators

First Seen2025-02-14

Last Seen2025-02-15

Times Seen223

Size53 kB (53306 bytes)

MD548f2b16ac469fdc48821343e32f2d97a

SHA1a0332a2aba5b64be778730bb7b53580130fbf174

SHA256f14f306839a61d1a8a3b39bc8ce97eb2a50b23d9b35ebdf19d41ed98843b0e5e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Zimbra Web Client

HTTP Headers

GET /Quote%2030832345962.htm HTTP/1.1
Host: pub-c725b9306af6448a91588027bec58565.r2.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lcci.lacci.shoes/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 14 Feb 2025 23:16:07 GMT
Content-Type: text/html
Content-Length: 53306
Connection: keep-alive
Accept-Ranges: bytes
ETag: "48f2b16ac469fdc48821343e32f2d97a"
Last-Modified: Fri, 14 Feb 2025 07:06:11 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 9120c3997c57569a-OSL

lcci.lacci.shoes/favicon.ico

172.67.153.154

404 Not Found

7.9 kB

URL

lcci.lacci.shoes/favicon.ico

IP / ASN

172.67.153.154

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text

First Seen2023-03-07

Last Seen2025-08-02

Times Seen95582

Size7.9 kB (7879 bytes)

MD5a34ac19f4afae63adc5d2f7bc970c07f

SHA1a82190fc530c265aa40a045c21770d967f4767b8

SHA256d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: lcci.lacci.shoes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lcci.lacci.shoes/Si7/shdss@slurpmail.net
Cookie: PHPSESSID=56f355a3818a466f29d1fc5d61f8affe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 14 Feb 2025 23:15:58 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 170
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3jbHtOYUCRs2Bp7BdEbZH0IFhuLhgZjn4B%2B6%2FE1gI1pN8NufMb%2FRXhsmiAL9iUTB4XUeAlO7e7UmDQu0qvYZiI4y5d%2BvdOehmpA2zARMJv%2BDct6t0%2F%2FuT9Tz1yoHPtbMQOI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9120c362be3256c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4542&min_rtt=2499&rtt_var=2396&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4157&recv_bytes=1263&delivery_rate=237647&cwnd=12000&unsent_bytes=0&cid=e0cbfc532351430a&ts=392&x=1", cfExtPri, cfHdrFlush;dur=0

GET cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

200 OK

6.2 kB

URL

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

IP / ASN

104.17.24.14

#13335 CLOUDFLARENET

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typeJavaScript source, ASCII text, with very long lines (19015)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen84669

Size6.2 kB (6157 bytes)

MD570d3fda195602fe8b75e0097eed74dde

SHA1c3b977aa4b8dfb69d651e07015031d385ded964b

SHA256a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Certificate Info

IssuerGoogle Trust Services

Subjectcdnjs.cloudflare.com

Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32

ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-c725b9306af6448a91588027bec58565.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 23:16:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2496889
expires: Wed, 04 Feb 2026 23:16:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HytCuJMc2YbLsvFYEHfxRf4J3nUIlGNn4H1fUWb1iahKFZNGH%2F6ekwapoQ3l%2FMhyqtFYN8lIpSjY3m8VPkOYesepVHKVy2qJLkT1AI9u0zuqt6F5D46a639Q4GJ4q8uw8dFo60p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 9120c39d1ae91c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

POST lcci.lacci.shoes/Si7/shdss@slurpmail.net

172.67.153.154

200 OK

25 kB

URL

lcci.lacci.shoes/Si7/shdss@slurpmail.net

IP / ASN

172.67.153.154

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (3255), with no line terminators

First Seen2025-02-14

Last Seen2025-02-15

Times Seen66

Size25 kB (25202 bytes)

MD56ec273ea8cc8cba4190d52a2f8c6b475

SHA1c9aa8af174a09970b1e2931c5892689590224949

SHA2565089387050db5256df8536925e65cf09d34f28aa78bf664db22b68ac7cc7ee81

Certificate Info

IssuerGoogle Trust Services

Subjectlacci.shoes

FingerprintBE:6C:09:60:75:56:AA:3F:80:DE:2F:CD:34:74:37:A3:BD:A3:5B:79

ValiditySat, 04 Jan 2025 17:11:37 GMT - Fri, 04 Apr 2025 18:10:19 GMT

HTTP Headers

GET /Si7/shdss@slurpmail.net HTTP/1.1
Host: lcci.lacci.shoes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 23:15:58 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=56f355a3818a466f29d1fc5d61f8affe; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ox3ult9vtlnOGi8vG4adeNdNa6FjiCZIKBESDmWFT8kD83j9Sx8U5WMe8D4GRzf79TQs0fwB1Q0FVXqjKYYn1R5NFO38KOLHuCIQgSc%2Bd76EZovXwA9z%2FBPo%2B1likl1L9qBN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9120c35ebe1e5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6087&min_rtt=595&rtt_var=10663&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3199&recv_bytes=1142&delivery_rate=2305732&cwnd=244&unsent_bytes=0&cid=ceb5d780b02d0305&ts=280&x=0"
X-Firefox-Spdy: h2

POST lcci.lacci.shoes/Si7/shdss@slurpmail.net

172.67.153.154

302 Found

33 kB

URL

lcci.lacci.shoes/Si7/shdss@slurpmail.net

IP / ASN

172.67.153.154

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typedata

First Seen2025-02-14

Last Seen2025-02-15

Times Seen15

Size33 kB (33325 bytes)

MD549e434339b2b968f1d70f4f3be92b466

SHA133de69a1a2f9246bb4c3e74706f3840a0c8d6cec

SHA256249811d930b30cecd0970ca3c352c06163da73a1234a6fa2a310d320177d130c

Certificate Info

IssuerGoogle Trust Services

Subjectlacci.shoes

FingerprintBE:6C:09:60:75:56:AA:3F:80:DE:2F:CD:34:74:37:A3:BD:A3:5B:79

ValiditySat, 04 Jan 2025 17:11:37 GMT - Fri, 04 Apr 2025 18:10:19 GMT

HTTP Headers

POST /Si7/shdss@slurpmail.net HTTP/1.1
Host: lcci.lacci.shoes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 923
Origin: https://lcci.lacci.shoes
DNT: 1
Connection: keep-alive
Referer: https://lcci.lacci.shoes/Si7/shdss@slurpmail.net
Cookie: PHPSESSID=56f355a3818a466f29d1fc5d61f8affe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 14 Feb 2025 23:16:07 GMT
content-type: text/html; charset=UTF-8
location: https://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKuMN1JYtMAC%2F0%2Fd4ni45nVFtXH5tq3jjNQpTu3KRg%2FOt4aLHhTEycqBGH9VXFK%2F%2FEqdRSFa5R8TB9UdSeTA9r5jMXDD%2Bj%2FdFlqmTWabTHaFvMQydSuQwtjRCDdj4Rn%2F2rOH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9120c3971b1956c3-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6783&min_rtt=2499&rtt_var=6279&sent=15&recv=10&lost=0&retrans=0&sent_bytes=5118&recv_bytes=2662&delivery_rate=2383&cwnd=12000&unsent_bytes=0&cid=e0cbfc532351430a&ts=9097&x=1", cfExtPri, cfHdrFlush;dur=0

GET ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.178.106

200 OK

30 kB

URL

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

IP / ASN

142.250.178.106

#15169 GOOGLE

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typeJavaScript source, ASCII text, with very long lines (32065)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen192122

Size30 kB (30028 bytes)

MD52f6b11a7e914718e0290410e85366fe9

SHA169bb69e25ca7d5ef0935317584e6153f3fd9a88c

SHA25605b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

Fingerprint22:27:21:F7:F6:B5:6A:DC:8B:A1:BD:9D:72:10:82:8E:48:5C:21:8C

ValidityMon, 27 Jan 2025 08:36:31 GMT - Mon, 21 Apr 2025 08:36:30 GMT

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Feb 2025 17:17:08 GMT
expires: Fri, 13 Feb 2026 17:17:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 107940
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET mail.ipg.su/skins/_base/logos/LoginBanner_white.png?v=240816021614

188.34.148.117

200 OK

3.3 kB

URL

mail.ipg.su/skins/_base/logos/LoginBanner_white.png?v=240816021614

IP / ASN

188.34.148.117

#24940 Hetzner Online GmbH

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typePNG image data, 163 x 36, 8-bit/color RGBA, non-interlaced

First Seen2023-05-03

Last Seen2025-08-02

Times Seen1462

Size3.3 kB (3299 bytes)

MD5e04d149f1a5dec8a4b31e20e1f1413fb

SHA144e9355e76474683c0f9ebd8c8150fffd30f9e9b

SHA2568db258b55ceabeb5c9c8bf41f59a2743c579cfcee58c34cacc945ad9c01d6ef1

Certificate Info

IssuerGlobalSign nv-sa

Subjectmail.ipg.su

Fingerprint27:4A:58:9C:D2:EF:F4:A8:85:7A:DB:D2:75:C0:C5:32:9B:64:B6:85

ValidityFri, 16 Feb 2024 22:08:29 GMT - Wed, 19 Mar 2025 22:08:28 GMT

HTTP Headers

GET /skins/_base/logos/LoginBanner_white.png?v=240816021614 HTTP/1.1
Host: mail.ipg.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail.ipg.su/css/common,login,zhtml,skin.css?skin=harmony&v=221116085414
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 14 Feb 2025 23:16:08 GMT
content-type: image/png
content-length: 3299
x-frame-options: SAMEORIGIN
expires: Mon, 17 Mar 2025 00:16:08 GMT
cache-control: public, max-age=2595600
last-modified: Fri, 16 Aug 2024 01:48:38 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

44 kB

URL

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

IP / ASN

104.18.10.207

#13335 CLOUDFLARENET

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typeJavaScript source, ASCII text, with very long lines (48664)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen85294

Size44 kB (44454 bytes)

MD514d449eb8876fa55e1ef3c2cc52b0c17

SHA1a9545831803b1359cfeed47e3b4d6bae68e40e99

SHA256e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Certificate Info

IssuerGoogle Trust Services

Subjectbootstrapcdn.com

Fingerprint53:78:04:46:B4:48:0A:28:30:67:23:9B:D5:25:73:FE:FA:81:58:19

ValidityThu, 16 Jan 2025 00:27:53 GMT - Wed, 16 Apr 2025 01:27:34 GMT

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-c725b9306af6448a91588027bec58565.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 23:16:07 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:46:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: f7fb0dae400c39f851be3f8ddddc4f28
cdn-cache: HIT
cf-cache-status: HIT
age: 30558
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 9120c39d2e681c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET mail.ipg.su/css/common,login,zhtml,skin.css?skin=harmony&v=221116085414

188.34.148.117

200 OK

12 kB

URL

mail.ipg.su/css/common,login,zhtml,skin.css?skin=harmony&v=221116085414

IP / ASN

188.34.148.117

#24940 Hetzner Online GmbH

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typegzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)

First Seen2025-02-14

Last Seen2025-02-15

Times Seen50

Size12 kB (12372 bytes)

MD5d0675dcca337d14f613d4a272ff213c6

SHA1ec404177dc0ecdabe2ee7d71cc0accae371c8a13

SHA256cedb621a8a09a874a812f5f326ba14886d471aacc3441a8cd23446a41721e5d2

Certificate Info

IssuerGlobalSign nv-sa

Subjectmail.ipg.su

Fingerprint27:4A:58:9C:D2:EF:F4:A8:85:7A:DB:D2:75:C0:C5:32:9B:64:B6:85

ValidityFri, 16 Feb 2024 22:08:29 GMT - Wed, 19 Mar 2025 22:08:28 GMT

HTTP Headers

GET /css/common,login,zhtml,skin.css?skin=harmony&v=221116085414 HTTP/1.1
Host: mail.ipg.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 14 Feb 2025 23:16:08 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
expires: Mon, 17 Mar 2025 00:16:08 GMT
cache-control: public, max-age=2595600
vary: User-Agent, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

GET mail.ipg.su/img/logo/favicon.ico

188.34.148.117

200 OK

1.2 kB

URL

mail.ipg.su/img/logo/favicon.ico

IP / ASN

188.34.148.117

#24940 Hetzner Online GmbH

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel

First Seen2023-05-02

Last Seen2025-08-02

Times Seen2144

Size1.2 kB (1150 bytes)

MD58c7d1c14e4b9c42f07bd6b800d93b806

SHA187e49826ffb3bc1ddac38feebb6bb98eaef568b2

SHA2561afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637

Certificate Info

IssuerGlobalSign nv-sa

Subjectmail.ipg.su

Fingerprint27:4A:58:9C:D2:EF:F4:A8:85:7A:DB:D2:75:C0:C5:32:9B:64:B6:85

ValidityFri, 16 Feb 2024 22:08:29 GMT - Wed, 19 Mar 2025 22:08:28 GMT

HTTP Headers

GET /img/logo/favicon.ico HTTP/1.1
Host: mail.ipg.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 14 Feb 2025 23:16:08 GMT
content-type: image/x-icon
content-length: 1150
x-frame-options: SAMEORIGIN
expires: Mon, 17 Mar 2025 00:16:08 GMT
cache-control: public, max-age=2595600
last-modified: Fri, 16 Aug 2024 01:48:38 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.1.1.min.js

151.101.2.137

200 OK

87 kB

URL

code.jquery.com/jquery-3.1.1.min.js

IP / ASN

151.101.2.137

#54113 FASTLY

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typeJavaScript source, ASCII text, with very long lines (32030)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen119810

Size87 kB (86709 bytes)

MD5e071abda8fe61194711cfc2ab99fe104

SHA1f647a6d37dc4ca055ced3cf64bbc1f490070acba

SHA25685556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5

ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 14 Feb 2025 23:16:07 GMT
age: 3325276
x-served-by: cache-lga21947-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 118, 80078
x-timer: S1739574968.907378,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2

GET stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

IP / ASN

104.18.11.207

#13335 CLOUDFLARENET

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typeJavaScript source, ASCII text, with very long lines (50758)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen107560

Size51 kB (51039 bytes)

MD567176c242e1bdc20603c878dee836df3

SHA127a71b00383d61ef3c489326b3564d698fc1227c

SHA25656c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Certificate Info

IssuerGoogle Trust Services

Subjectbootstrapcdn.com

Fingerprint53:78:04:46:B4:48:0A:28:30:67:23:9B:D5:25:73:FE:FA:81:58:19

ValidityThu, 16 Jan 2025 00:27:53 GMT - Wed, 16 Apr 2025 01:27:34 GMT

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 23:16:07 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "67176c242e1bdc20603c878dee836df3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/04/2024 02:53:43
cdn-edgestorageid: 1029
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: c6c8a086d090f1d2baac8a7b0c894894
cdn-cache: HIT
cf-cache-status: HIT
age: 2582862
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 9120c39d3bff0b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm

162.159.140.237

200 OK

53 kB

URL

pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm

IP / ASN

162.159.140.237

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (53285), with CRLF line terminators

First Seen2025-02-14

Last Seen2025-02-15

Times Seen223

Size53 kB (53306 bytes)

MD548f2b16ac469fdc48821343e32f2d97a

SHA1a0332a2aba5b64be778730bb7b53580130fbf174

SHA256f14f306839a61d1a8a3b39bc8ce97eb2a50b23d9b35ebdf19d41ed98843b0e5e

Certificate Info

IssuerLet's Encrypt

Subject*.r2.dev

Fingerprint69:C8:8E:21:A3:C2:15:95:49:F4:A4:3C:C2:C8:D2:2F:2C:33:93:3A

ValiditySat, 25 Jan 2025 12:16:42 GMT - Fri, 25 Apr 2025 12:16:41 GMT

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Zimbra Web Client

HTTP Headers

GET /Quote%2030832345962.htm HTTP/1.1
Host: pub-c725b9306af6448a91588027bec58565.r2.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lcci.lacci.shoes/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 14 Feb 2025 23:16:07 GMT
Content-Type: text/html
Content-Length: 53306
Connection: keep-alive
Accept-Ranges: bytes
ETag: "48f2b16ac469fdc48821343e32f2d97a"
Last-Modified: Fri, 14 Feb 2025 07:06:11 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 9120c3997c57569a-OSL

GET code.jquery.com/jquery-3.2.1.slim.min.js

151.101.2.137

200 OK

70 kB

URL

code.jquery.com/jquery-3.2.1.slim.min.js

IP / ASN

151.101.2.137

#54113 FASTLY

Requested byhttps://pub-c725b9306af6448a91588027bec58565.r2.dev/Quote%2030832345962.htm#shdss@slurpmail.net

Resource Info

File typeJavaScript source, ASCII text, with very long lines (32012)

First Seen2023-03-07

Last Seen2025-08-02

Times Seen65865

Size70 kB (69597 bytes)

MD55f48fc77cac90c4778fa24ec9c57f37d

SHA19e89d1515bc4c371b86f4cb1002fd8e377c1829f

SHA2569365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Certificate Info

IssuerSectigo Limited

Subject*.jquery.com

FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5

ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-c725b9306af6448a91588027bec58565.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-c725b9306af6448a91588027bec58565.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 14 Feb 2025 23:16:07 GMT
age: 2719784
x-served-by: cache-lga21963-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 38, 18346
x-timer: S1739574968.880677,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2