mbblawfirmkc.karlacalixtro.com/ZGhhbGRlcm1hbkBtYmJsYXdmaXJta2MuY29t
128 B URL mbblawfirmkc.karlacalixtro.com/ZGhhbGRlcm1hbkBtYmJsYXdmaXJta2MuY29t
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash 80409a79fc1e584750cb824021210bce
2b08b19c8e52bf2f3021bdd15b28b3a055008d88
ce2d0bd0704f6cbe454c74544ff44a6c62b9782da9a5b8afa4d43e89a5e3ec41
Analyzer Verdict Alert OpenPhish phishing Office365
GET /ZGhhbGRlcm1hbkBtYmJsYXdmaXJta2MuY29t HTTP/1.1
Host: mbblawfirmkc.karlacalixtro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=a85ef288c27cd0ea8d0c0eb950fc3cdf; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 128
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 13:47:59 GMT
server: Apache
X-Firefox-Spdy: h2
mbblawfirmkc.karlacalixtro.com/
109 B URL mbblawfirmkc.karlacalixtro.com/
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text
Hash ea4da9a32ed23b8c0e4f4a609fef49c1
bdbf6dc0112a322b21399ca767d35e169a362cfa
9c761a9192d8996094b8b59388c99ff02860a6cee374c85eb978a9aa8c669018
Analyzer Verdict Alert OpenPhish phishing Office365
GET / HTTP/1.1
Host: mbblawfirmkc.karlacalixtro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 Nov 2023 13:47:59 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=e71f2485800af69fece7e4d44eae8e1a; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 109
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
code.jquery.com/jquery-3.6.0.min.js
200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 10 Nov 2023 13:48:00 GMT
age: 4385980
x-served-by: cache-lga21931-LGA, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 92335
x-timer: S1699624081.719584,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-bold.woff2
200 OK 28 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-bold.woff2
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 28000, version 1.66\012- data
Hash a4bca6c95fed0d0c5cc46cf07710dcec
73b56e33b82b42921db8702a33efd0f2b2ec9794
5a51d246af54d903f67f07f2bd820ce77736f8d08c5f1602db07469d96dbf77f
GET /web2/assets/fonts/GDSherpa-bold.woff2 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:02 GMT
content-type: font/woff2
content-length: 28000
last-modified: Fri, 25 Aug 2023 04:00:16 GMT
etag: "6d60-603b761e42cdb"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbPxkHIGMM9RXIf2HD9XTlYiSZMtBFKlqqamh1O2nDb61KMz%2F3cjglcuxoiDY0Bo92VOn2mtHCj1jz8pRnT3jRlcFH3bJcENs4DJz277oC7MXf6DGkjO3DTZ0xOhh%2FAn5NHVFJGnfodqFxU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6066
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec033ce145695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-bold.woff
200 OK 36 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-bold.woff
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type Web Open Font Format, TrueType, length 35970, version 1.0\012- data
Hash 496b7bbde91c7dc7cf9bbabbb3921da8
2bd3c406a715ab52dad84c803c55bf4a6e66a924
ae40a04f95df12b0c364f26ab691dc0c391d394a28bcdb4aeacfaca325d0a798
GET /web2/assets/fonts/GDSherpa-bold.woff HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:02 GMT
content-type: font/woff
content-length: 35970
last-modified: Fri, 25 Aug 2023 04:00:22 GMT
etag: "8c82-603b7623b006b"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBTBMO1L87FNpgrxp7SzObDYTxSW0qrajOYOXBPVq6Crr8IIjLhM8Zl1UTXCZ36zhNhgDy0QrIii44cDYmuKDBPe8jjIucr%2Beofg4lEfFpTyAa94xevh6idZ2Af6qV59b7%2B8ZHFFKKQSNdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6066
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec033ce155695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-regular.woff2
200 OK 29 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-regular.woff2
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 28584, version 1.66\012- data
Hash 17081510f3a6f2f619ec8c6f244523c7
87f34b2a1532c50f2a424c345d03fe028db35635
2c7292014e2ef00374aeb63691d9f23159a010455784ee0b274ba7db2bcca956
GET /web2/assets/fonts/GDSherpa-regular.woff2 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:02 GMT
content-type: font/woff2
content-length: 28584
last-modified: Fri, 25 Aug 2023 04:00:25 GMT
etag: "6fa8-603b76269b664"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPfrAiwNfWEdMv5V0kTrpOvZM5ZiJa5OJrWDZQ0RGRsWCcaBUpKiIZ8p208mUJJIrlGgwnf8xUucaO%2FDZRESdsvw%2B1UIBUD%2BJPnvFOsgpDN4SughtX2aHEe63IfuUP8PesmPxB9YLG38b2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6066
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec033de1d5695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-regular.woff
200 OK 37 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-regular.woff
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type Web Open Font Format, TrueType, length 36696, version 1.0\012- data
Hash a69e9ab8afdd7486ec0749c551051ff2
c34e6aa327b536fb48d1fe03577a47c7ee2231b8
fd78a1913db912221b8ead1e62fad47d1ff0a9fa6cd88d3b128a721ad91d2faf
GET /web2/assets/fonts/GDSherpa-regular.woff HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:02 GMT
content-type: font/woff
content-length: 36696
last-modified: Fri, 25 Aug 2023 04:00:28 GMT
etag: "8f58-603b762947b93"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PS9X%2FLo6i1pcerAaQQjKJibpUY59VW3xoD%2FDD3V%2BcWZzM%2FdEV8g4KHKk1qpjfMRi3Y1mQUKA%2BmNzYLaLG%2BtLBaS6iolVlOajlsy0u5ggWeNwx99s4tOFlyBQBQfRM%2BwHlX%2B%2F2bIFH0EBoXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6066
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec033de215695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-vf.woff2
200 OK 44 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-vf.woff2
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 43596, version 1.0\012- data
Hash 2a05e9e5572abc320b2b7ea38a70dcc1
d5fa2a856d5632c2469e42436159375117ef3c35
3efcb941aaddaf4aea08dab3fb97d3e904aa1b83264e64b4d5bda53bc7c798ec
GET /web2/assets/fonts/GDSherpa-vf.woff2 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:02 GMT
content-type: font/woff2
content-length: 43596
last-modified: Fri, 25 Aug 2023 04:00:36 GMT
etag: "aa4c-603b7631474f7"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty6aHsRyLpzC67TuBhQ57rKTw3iSyAYBZ8%2F4InDr01txyJC5Bb9%2Bu82LNd90GAckR42AB3lv8z1nGeqLKJ1AS8tKYhzm%2F37Ag2ATFU9i9lf8v5OiT2cMc%2FHXCZVCcuGkxIcvWKIm9PweDTo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6066
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec033de225695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-vf2.woff2
200 OK 93 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/fonts/GDSherpa-vf2.woff2
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type Web Open Font Format (Version 2), TrueType, length 93276, version 1.0\012- data
Hash bcd7983ea5aa57c55f6758b4977983cb
ef3a009e205229e07fb0ec8569e669b11c378ef1
6528a0bf9a836a53dfd8536e1786ba6831c9d1faa74967126fddf5b2081b858c
GET /web2/assets/fonts/GDSherpa-vf2.woff2 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:02 GMT
content-type: font/woff2
content-length: 93276
last-modified: Fri, 25 Aug 2023 04:00:32 GMT
etag: "16c5c-603b762dd727e"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFNKkba3r16Ckreew4QpSlbqJPFONdCEKNnXg7hdpCQjY0TSWHBKTUtW0cjqpo%2BzbOuF5SwQ9a1YZ%2FKiaxcj0BANBi21GO3xY708GdLh7rQOeitd5VtM8pILHnLStlMAUCazkAiMHOcmj3U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6066
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec033ee275695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/css/pages-okta.css?cb=1699624082472
200 OK 0 B URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/css/pages-okta.css?cb=1699624082472
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web2/assets/css/pages-okta.css?cb=1699624082472 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: text/css
content-length: 0
last-modified: Thu, 24 Aug 2023 12:07:13 GMT
etag: "0-603aa11867866"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW3PqNO%2BAW0qGPywMc95eBkNW8CQUZ3GDmTDROEzSxkOaYcdKC9PS%2FyKvPKJ6yMIMqcj6cSfMzp4LhaQbNhJe6s5CZ0y8fK4hbqw8ZcdNmTmXMnCv720mLMA9OcF4UA%2BukdbCpnT1%2Bbxs1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec033ce065695-OSL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/78721992:1699621869:azCVQQe_sEMOlzBd-JRiasF4WG7YYLV7uBQ1NK60W_4/823ec039fcfab523/76bf54b2dd6bc4b
200 OK 9.0 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/78721992:1699621869:azCVQQe_sEMOlzBd-JRiasF4WG7YYLV7uBQ1NK60W_4/823ec039fcfab523/76bf54b2dd6bc4b
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (3436), with no line terminators
Hash a061bcea557082cc6fc54d1fb0bc25bc
6ad06b0c86ddc9e5ab811cb32be11d79deabda02
b8782002d7b6334dcf2db1e2ad93f086df3713ef6a92dd1d64a526fc79cb1030
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/78721992:1699621869:azCVQQe_sEMOlzBd-JRiasF4WG7YYLV7uBQ1NK60W_4/823ec039fcfab523/76bf54b2dd6bc4b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 76bf54b2dd6bc4b
Content-Length: 24767
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:08 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: idfQin7kAheK8j09iBY4NfcrxXszOeKGS7xzkzxop8kLY0mynxKiuFHfqSPuuB0fjPG/H+C0YgLB9pIE066dh/yMqVqSRl/sT3Dd6B6S37R1TJiJV5JxqwillaWck3/o$ET55+tVe8iWmbNWiGZ0J9A==
cf-chl-out-s: iUfZYNAThsfYexk9WpgKO+sSNM+52SgQ9yrPb5i2k8SdqO1tswzKJb6OVY3z1l8jLeecanjWuXmn46cKDFXjF90s3lEmkhoP0gECCu4BqNBJab+bqxd8+2QaTQxSthHEJYWl+8v80we/DNj+ObiWIcft7U2X0kl3hCsuV6b1+L7KD6vBhIqcKSVmfX6+mj6PtMPPrO/o5WnLDu+nI+HFAx43fglQA+rekdaDBWiZ7s5QiIcr4nml6kFJBRV+9ZXLv5cybvcuoMk0XFKhaT3+MQ==$iWwZLDL3KUtRKc8YdmRlFg==
server: cloudflare
cf-ray: 823ec056ef36b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
emuzkjtabb.eorgesca.ru/web2/assets/key.png
727 B URL emuzkjtabb.eorgesca.ru/web2/assets/key.png
IP
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 839cb0f55c3d2d5c2f740bda95cb2878
93f6fa3a2da8b7184d4b5c5f2065872793370c2e
40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652
GET /web2/assets/key.png HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Cookie: XSRF-TOKEN=eyJpdiI6IkV4OGpSZk9uUm4yVzlMM2V3NWRsT0E9PSIsInZhbHVlIjoiQkx6cWx4clRKODVDa1BhVDBLekdEanRMYVV3OUFNL3ltenR6bjQvWFMxRzZaSHJXcTJ5b2ZjWnZEZkVNRER4VWY5L0lTMC8zaWFqd2NuUnJIaXpnQlkwYUZ6QWNabHlUNHR5VFdvelhPMmU5V2FGUzQ5MllwaXZBVmNRekdTMGkiLCJtYWMiOiIxZTExMDA0M2ZjNDk4ZGNkOThiMjhmMDlmYjBhYTkxMzlmMTQ0NDY1NmUzMDdiOGZkZDI4MTY0Njg1M2QyMzQwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImZaL2JtK2E5cWxKRnJQaE9nUEhEdWc9PSIsInZhbHVlIjoiYWF0ZzJxdktYcVBBb2xTYzBPUzZHQTZpYnVtZkwvdFpVb3I0R3I5bE85Y1JiZUFDaFh1VUovNW5aOGZEay9KdUtISmFxMHF0cHJBYzhsOCtIZ1lMVUM2c015VlZoUnpKUys2Vk1yOUsyc2NzcTBmSWlkUytzb3ZEcWxULzA2dEYiLCJtYWMiOiIyYzc4Y2YxYWJhYWQ0YTAwYzA1MDYzNDE1MzdlMzczMTQzOTk4YjdhMThmZjg2ZjQxOWU1OTQ1ZGY3N2FjYmVhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:11 GMT
content-type: image/png
content-length: 727
last-modified: Sun, 19 Mar 2023 15:20:17 GMT
etag: "2d7-5f7425905ae40"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpiykUnQ7VKCR2dNF%2FxN5JsCM6sGLxZhFrJOX71cDtnfae%2F%2BIzVplI4aGIeqZykfeSndG8jQJ7HsTDy4AuuI2Sffm1lrNpF2dfE7FU4xq1fWTI4zAdlCIiZdjDfRNuZHXJR3p5IjMtS6BnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6068
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec06a8a825695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/godaddy-left.png
30 kB URL emuzkjtabb.eorgesca.ru/web2/assets/godaddy-left.png
IP
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced\012- data
Hash 210433a8774859368f3a7b86d125a2a7
408bacddc39f12cad285579c102fe4a629862d88
9c6addfc339ce1c1d262290ab4cc2de8d38d4b54b11a8e85afd44fbb0acc2561
GET /web2/assets/godaddy-left.png HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Cookie: XSRF-TOKEN=eyJpdiI6IkV4OGpSZk9uUm4yVzlMM2V3NWRsT0E9PSIsInZhbHVlIjoiQkx6cWx4clRKODVDa1BhVDBLekdEanRMYVV3OUFNL3ltenR6bjQvWFMxRzZaSHJXcTJ5b2ZjWnZEZkVNRER4VWY5L0lTMC8zaWFqd2NuUnJIaXpnQlkwYUZ6QWNabHlUNHR5VFdvelhPMmU5V2FGUzQ5MllwaXZBVmNRekdTMGkiLCJtYWMiOiIxZTExMDA0M2ZjNDk4ZGNkOThiMjhmMDlmYjBhYTkxMzlmMTQ0NDY1NmUzMDdiOGZkZDI4MTY0Njg1M2QyMzQwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImZaL2JtK2E5cWxKRnJQaE9nUEhEdWc9PSIsInZhbHVlIjoiYWF0ZzJxdktYcVBBb2xTYzBPUzZHQTZpYnVtZkwvdFpVb3I0R3I5bE85Y1JiZUFDaFh1VUovNW5aOGZEay9KdUtISmFxMHF0cHJBYzhsOCtIZ1lMVUM2c015VlZoUnpKUys2Vk1yOUsyc2NzcTBmSWlkUytzb3ZEcWxULzA2dEYiLCJtYWMiOiIyYzc4Y2YxYWJhYWQ0YTAwYzA1MDYzNDE1MzdlMzczMTQzOTk4YjdhMThmZjg2ZjQxOWU1OTQ1ZGY3N2FjYmVhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:11 GMT
content-type: image/png
content-length: 29796
last-modified: Thu, 24 Aug 2023 14:10:07 GMT
etag: "7464-603abc9079d32"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQHKRWg%2Fx6x%2FQ34v37YQeylfy4I25oSBK3SMD158THPa62H1h6i7hPt8XIuh%2FqCictJ04X1w%2BlpDdGOhXwNGtgPwISZsj1eLpu6PlU6cxxJoKXE538yL%2FH2nvDrsF6C6rvyfksasFzHSEtM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 6067
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec06aaa9c5695-OSL
emuzkjtabb.eorgesca.ru/web2/assets/css/pages-godaddy.css?cb=1699624082472
200 OK 55 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/css/pages-godaddy.css?cb=1699624082472
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type ASCII text, with very long lines (1437), with CRLF line terminators
Hash d7c87990c89310fcf5a9d4deb542a902
3ed17c7eaf31bb310798ec719b8d93db8a7316f8
709724756ac73892ac3709ec162d48f0aa2a94399d3d86a5df0cf5600be58513
GET /web2/assets/css/pages-godaddy.css?cb=1699624082472 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: text/css
last-modified: Mon, 09 Oct 2023 21:26:59 GMT
etag: W/"954d-6074f4019072e"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr47t60%2BtnfbX%2BQO4e%2F9%2BRiLnGQ2ohA9uy%2BOIcPLq5QHalJEi0QtxlvBk%2Fe05PmEHX7LZKTpfSNUG8vhqyRgcnY40XAoppf%2F3GOzGXzHGMMtrdDEJcCvCWPX7Fh1nGQaN0WLkAwJ77YzEz4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 823ec033bdfd5695-OSL
content-encoding: br
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/78721992:1699621869:azCVQQe_sEMOlzBd-JRiasF4WG7YYLV7uBQ1NK60W_4/823ec039fcfab523/76bf54b2dd6bc4b
200 OK 137 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/78721992:1699621869:azCVQQe_sEMOlzBd-JRiasF4WG7YYLV7uBQ1NK60W_4/823ec039fcfab523/76bf54b2dd6bc4b
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136588 bytes)
Hash c1d686d4995f2b0e64ab8ec9c67fb9fd
1b569a25dd33805b15a905cc97f6b9676b16ec9e
b702d231594cdb5b909dd9a4c9fb57fc506a9600ca2fe93e09b293032632353e
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/78721992:1699621869:azCVQQe_sEMOlzBd-JRiasF4WG7YYLV7uBQ1NK60W_4/823ec039fcfab523/76bf54b2dd6bc4b HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 76bf54b2dd6bc4b
Content-Length: 2358
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: sziGGQ5OfMmRQ1JZnPEUYJZVrClRTA2Hh56rdzYZ3L3SoszndgtO2y0aUG/H0FOG8mvbH54AJ/szHL7lPgZ09CiApXCy4iNkJDgp7BYPWMotmq4Nz+Lk64xzG+mZDL7fi+kb/ap1UL0fZb1N637Ui0ptW/iUEgduQboXwEIjC2GW/3AgP9/XcitBD7LNmy9BkZ2K9LJ5I04tfFalYkIzEZ6nu/vNp0SjHbMxZ+2Uf06XjYHJ5cDSzXAoUyNZ+J6KazQNWDFDWuWQ27YCks2PL0zOnMCw9gpXfNGJnVRomOo0oujSdIHDdWDPoalOIGjQoDRtAm632Umr80rHMsrtCQfvC9fbh+JOT8F16CaDOj57vS8xZkT0B8ZtUiy+Oaiw$Oa3mYLQtDnOnyShdqswcAA==
server: cloudflare
cf-ray: 823ec03c6f06b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
emuzkjtabb.eorgesca.ru/web2/assets/officelogo.png
1.4 kB URL emuzkjtabb.eorgesca.ru/web2/assets/officelogo.png
IP
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 333ee830e5ab72c41dd9126a27b4d878
12d8d66ebb3076f3d6069e133c3212f97c8774e1
8702292cbc365e9f0488143e2b309b85efe09c61fd2e0a2e21c53735a309313c
GET /web2/assets/officelogo.png HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/web2/assets/pages/h99271.css?cb=1699624082472
Cookie: XSRF-TOKEN=eyJpdiI6IkV4OGpSZk9uUm4yVzlMM2V3NWRsT0E9PSIsInZhbHVlIjoiQkx6cWx4clRKODVDa1BhVDBLekdEanRMYVV3OUFNL3ltenR6bjQvWFMxRzZaSHJXcTJ5b2ZjWnZEZkVNRER4VWY5L0lTMC8zaWFqd2NuUnJIaXpnQlkwYUZ6QWNabHlUNHR5VFdvelhPMmU5V2FGUzQ5MllwaXZBVmNRekdTMGkiLCJtYWMiOiIxZTExMDA0M2ZjNDk4ZGNkOThiMjhmMDlmYjBhYTkxMzlmMTQ0NDY1NmUzMDdiOGZkZDI4MTY0Njg1M2QyMzQwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImZaL2JtK2E5cWxKRnJQaE9nUEhEdWc9PSIsInZhbHVlIjoiYWF0ZzJxdktYcVBBb2xTYzBPUzZHQTZpYnVtZkwvdFpVb3I0R3I5bE85Y1JiZUFDaFh1VUovNW5aOGZEay9KdUtISmFxMHF0cHJBYzhsOCtIZ1lMVUM2c015VlZoUnpKUys2Vk1yOUsyc2NzcTBmSWlkUytzb3ZEcWxULzA2dEYiLCJtYWMiOiIyYzc4Y2YxYWJhYWQ0YTAwYzA1MDYzNDE1MzdlMzczMTQzOTk4YjdhMThmZjg2ZjQxOWU1OTQ1ZGY3N2FjYmVhIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:11 GMT
content-type: image/png
content-length: 1400
last-modified: Sun, 19 Mar 2023 15:20:17 GMT
etag: "578-5f7425905ae40"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
age: 6068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wddKkdgBsyP2Ja86Ko6kuxgBXOZUOwqH1rgdpF5NnVgJkxoViPaon06zBLRjfgL13MF1K5hwN0iUP4prcEaVVqyGbi5sYSJq%2BDzrzATyFGp8b5yUcCwSjJLRO0NOTsMfQENYYOhaIci%2BgOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 823ec06afaf25695-OSL
aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
1.2 kB URL aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2905), with no line terminators
Hash fe87496cc7a44412f7893a72099c120a
a0c1458c08a815df63d3cb0406d60be6607ca699
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
GET /shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 13455983
cache-control: public, max-age=31536000
content-md5: XHrPYKKsqlxUvysuxtSE2A==
content-type: image/svg+xml
date: Fri, 10 Nov 2023 13:48:11 GMT
etag: 0x8DB5C3F4A98E9BB
last-modified: Wed, 24 May 2023 10:11:50 GMT
server: ECAcc (ska/F6F3)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 3afb7c4b-e01e-0039-1e7a-99c6de000000
x-ms-version: 2009-09-19
content-length: 1173
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
190 B URL aadcdn.msftauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators
Hash 40eb39126300b56bf66c20ee75b54093
83678d94097257eb474713dec49e8094f49d2e2a
765709425a5b9209e875dccf2217d3161429d2d48159fc1df7b253b77c1574f4
GET /shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 14018324
cache-control: public, max-age=31536000
content-md5: rp+/fadJKxLUo+jgFmYTeQ==
content-type: image/svg+xml
date: Fri, 10 Nov 2023 13:48:11 GMT
etag: 0x8DB5C3F4721247A
last-modified: Wed, 24 May 2023 10:11:44 GMT
server: ECAcc (ska/F697)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: cf4cbdca-101e-0042-0c5d-942f4a000000
x-ms-version: 2009-09-19
content-length: 190
X-Firefox-Spdy: h2
aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
2.4 kB URL aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4714), with CRLF line terminators
Hash b59c16ca9bf156438a8a96d45e33db64
4e51b7d3477414b220f688adabd76d3ae6472ee3
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 14024788
cache-control: public, max-age=31536000
content-md5: nTculR1Fom7eLci0F6rk+A==
content-type: image/svg+xml
date: Fri, 10 Nov 2023 13:48:11 GMT
etag: 0x8DB5C3F4ADC079A
last-modified: Wed, 24 May 2023 10:11:51 GMT
server: ECAcc (ska/F7B6)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 9d35d246-701e-009b-604e-944da7000000
x-ms-version: 2009-09-19
content-length: 2407
X-Firefox-Spdy: h2
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
673 B URL aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators
Hash bc3d32a696895f78c19df6c717586a5d
9191cb156a30a3ed79c44c0a16c95159e8ff689d
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31536000
content-length: 673
content-type: image/svg+xml
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
last-modified: Wed, 24 May 2023 10:11:46 GMT
etag: 0x8DB5C3F47E260FD
x-cache: TCP_HIT
x-ms-request-id: ee5225fd-a01e-0009-35e6-114460000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0tUlLZQAAAACdcK/mu1h3TL1eetsEATepQU1TMDRFREdFMTgxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
x-azure-ref: 0mzROZQAAAACqXiHX5Yc/QLoupeXghW+gU1ZHMjBFREdFMDYxOAAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY=
date: Fri, 10 Nov 2023 13:48:11 GMT
X-Firefox-Spdy: h2
logincdn.msauth.net/shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg
212 B URL logincdn.msauth.net/shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with no line terminators
Hash 59759b80e24a89c8cd029b14700e646d
651b1921c99e143d3c242de3faacfb9ad51dbb53
b02b5df3ecd59d6cd90c60878683477532cbfc24660028657f290bdc7bc774b5
GET /shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 13459517
cache-control: public, max-age=31536000
content-md5: pFQUXilUkzYtIbvSwGgVBQ==
content-type: image/svg+xml
date: Fri, 10 Nov 2023 13:48:11 GMT
etag: 0x8DB5C409F549E50
last-modified: Wed, 24 May 2023 10:21:22 GMT
server: ECAcc (ska/F7AD)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e6e3cc87-601e-0079-1c72-993a7c000000
x-ms-version: 2009-09-19
content-length: 212
X-Firefox-Spdy: h2
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?render=explicit
200 OK 19 kB URL GET HTTP/3 challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?render=explicit
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (34253)
Hash 6142a5f5c66e2c1be52ee9506a565962
c3b39e8352efd1e0619b6dd62af8b2a917622868
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
GET /turnstile/v0/g/9914b343/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emuzkjtabb.eorgesca.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:00 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 823ec0290e2ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
emuzkjtabb.eorgesca.ru/web2/assets/pages/h99271.css?cb=1699624082472
200 OK 1.1 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/pages/h99271.css?cb=1699624082472
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type ASCII text, with very long lines (1164), with no line terminators
Hash 7b4a0b437a860756a33291aba35994bf
5fd0d1bb49eac3fe26df6fa899833438afea0431
8f747b76b97df59f3038f84d1ef912552eebd7fa697a5972ae49ccb33a4830f2
GET /web2/assets/pages/h99271.css?cb=1699624082472 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 20:32:06 GMT
etag: W/"461-6091d2a315095"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma%2FLrx8viYBl7L1ZszoVd%2Bmnd5NKpCWsrxjn9TF%2BAC2ivdC4EKyN7gM0beGkZuyCoH480%2B8FCwppSx6yXwtnKV%2BHJj28Wx2hHbjOwVJBn3wAvpb8y39VttIMCw8LNIu8K3zAbkxFd%2BG9u%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 823ec033bdf35695-OSL
content-encoding: br
emuzkjtabb.eorgesca.ru/web2/assets/js/pages-head-top-web.min.js?cb=1699624080877
200 OK 2.4 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/js/pages-head-top-web.min.js?cb=1699624080877
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type ASCII text, with very long lines (2572), with no line terminators
Hash e13706042f1e59dab7e641d16c581603
d37fab20d3479a2a0381df6f6108b86f0a79c81d
c0686c8b9937a55fac42dca83cbe8ecfe0ca707c37632a22f102803a73dbd58f
GET /web2/assets/js/pages-head-top-web.min.js?cb=1699624080877 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:02 GMT
content-type: application/javascript
last-modified: Sat, 21 Oct 2023 21:36:17 GMT
etag: W/"95a-60840c77c1f76"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0QMiM29p%2BUchNqrpcr%2FnnvS3iNfuPq%2BOg0B7hBo%2F2043usyTDJDoBY8fKBJbNfP%2Bb9oWZsTb6JYeIt2m7O8kP8RLPvRQVhlReU7F9mGIaNwhosQuSBBSBnABYpxIFgVJWxQd6ZN72VqWLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 823ec029ac975695-OSL
content-encoding: br
emuzkjtabb.eorgesca.ru/web2/assets/js/pages-head-web.min.js?cb=1699624082472
200 OK 14 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/js/pages-head-web.min.js?cb=1699624082472
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type ASCII text, with very long lines (13626), with no line terminators
Hash 701637cf7b3c9588cdf84dbb449ba48e
a3fd0695db073372cbb52345cb18cd4f8186edeb
fe2ea5cd48f2ca8001c5283ee74d2b41305644374b0c1e7b90b9cb6b5bb73a94
GET /web2/assets/js/pages-head-web.min.js?cb=1699624082472 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: application/javascript
last-modified: Sun, 22 Oct 2023 12:15:47 GMT
etag: W/"353a-6084d10c51e3d"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeUqyCCoGORovRSdkGG98CkSXJtWQUFduK2f8m9vthdq30GyoLpm%2Fv9sO9j9IKwOMx8jYaABi9r4RTSU%2FOA4o3501dmM3SPZCWaNuolniu8QqgCkR029Uo5Kfj2BwZFZurvR4tlXBUfI6cc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 823ec033ce0a5695-OSL
content-encoding: br
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
200 OK 73 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40091)
Hash c91a738686ee1984006e853f2c7427e2
1f5f0036d15741d5691a4287743896632a13ee3c
6a5deb065ca4983e0715bff33894a259e159319a4b969226ee834fdd3b168c18
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 823ec039fcfab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=823ec039fcfab523
200 OK 177 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=823ec039fcfab523
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 177 kB (176946 bytes)
Hash eec756162e70d2e9adf1c935044ab04b
add534d6bc0cbb8352740673ab326e1fe66d9338
bbadf5972707483ed4f30c89a9717174177e240ddd181e551bfbe9a81f137d8e
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=823ec039fcfab523 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 823ec03aad7ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
emuzkjtabb.eorgesca.ru/pkttju/
200 OK 113 B URL User Request GET HTTP/2 emuzkjtabb.eorgesca.ru/pkttju/
IP
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash a22d605918a73702101b199761720983
664241c06eeaabb34ea49d1a5f1f2258e10ead08
e227cf070b985bb1d74d922110bfc16303fd57f263f5557864548af2f09cffb5
Analyzer Verdict Alert OpenPhish phishing Office365
GET /pkttju/ HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mbblawfirmkc.karlacalixtro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 Nov 2023 13:48:00 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SPi3jZemcKOqz%2Bl7u76bp8OaaF7Jc3yn3IUrWiLyGKHQzD3qJdaFJlIssvG%2FFm%2FFYllMH3enjWn698zUkFjRAbioCz95z6vN3bJfAaOZIfEg%2FIrg9%2BWobEqEes16CpeZ8G13yYuOdT1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 823ec02418d656c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
emuzkjtabb.eorgesca.ru/web2/assets/cloudfavicon.ico
200 OK 34 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/cloudfavicon.ico
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 88415acda09a4cbd9d87543c3ba78180
2dec4705e9ab399efdc6eef36e079aa31d1df8d9
20cccc47c1bac9d2ef36b6a1c58af58c5c169ad5ca084080f0392b86f949641c
GET /web2/assets/cloudfavicon.ico HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:01 GMT
content-type: image/x-icon
last-modified: Wed, 16 Aug 2023 15:22:46 GMT
etag: W/"86be-6030bde212b57"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
age: 6065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkMUYrQ4Wi8Kwb9UlIHK3bDsXQHLluMuM7nfX43IV92dKzWq82%2BklF9178HqAeSREeJZWmRYOvGMJbLnnBXpiQjT2YpmnlW68aYt0ipKtUK%2FxyYSkBucOB%2F2O%2FDVh%2BinqnKCOA1KO6pkLl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 823ec02aad835695-OSL
content-encoding: br
emuzkjtabb.eorgesca.ru/web2/assets/cloudfavicon.ico
200 OK 34 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/cloudfavicon.ico
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 88415acda09a4cbd9d87543c3ba78180
2dec4705e9ab399efdc6eef36e079aa31d1df8d9
20cccc47c1bac9d2ef36b6a1c58af58c5c169ad5ca084080f0392b86f949641c
GET /web2/assets/cloudfavicon.ico HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: image/x-icon
last-modified: Wed, 16 Aug 2023 15:22:46 GMT
etag: W/"86be-6030bde212b57"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
age: 6067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkMUYrQ4Wi8Kwb9UlIHK3bDsXQHLluMuM7nfX43IV92dKzWq82%2BklF9178HqAeSREeJZWmRYOvGMJbLnnBXpiQjT2YpmnlW68aYt0ipKtUK%2FxyYSkBucOB%2F2O%2FDVh%2BinqnKCOA1KO6pkLl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 823ec037998d5695-OSL
content-encoding: br
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/823ec039fcfab523/1699624083916/kV2Ikm2L9CdHL4L
200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/823ec039fcfab523/1699624083916/kV2Ikm2L9CdHL4L
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 27 x 70, 8-bit/color RGB, non-interlaced\012- data
Hash 3e9d990a5a03f829712d9bec6e99c6fb
4a16fc940360b9aa50a7bd26d450c3956f40061e
6cef449524f4c595b0c67f86b1a8f00605ccc6108155b0237858ac5f4541d867
GET /cdn-cgi/challenge-platform/h/g/i/823ec039fcfab523/1699624083916/kV2Ikm2L9CdHL4L HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:07 GMT
content-type: image/png
server: cloudflare
cf-ray: 823ec0550d78b523-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
302 Found 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 10 Nov 2023 13:48:00 GMT
cache-control: max-age=300, public
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/9914b343/api.js?render=explicit
server: cloudflare
cf-ray: 823ec0286be756b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash 9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/9DKbiDfWH6ZjHxgSNTG3KHa3ucVmP6rj9MHN3bQn2%2BU%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 823ec03aad79b523-OSL
alt-svc: h3=":443"; ma=86400
emuzkjtabb.eorgesca.ru/pkttju/myscr890047.js
200 OK 28 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/pkttju/myscr890047.js
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
Hash e88dee6e3b98e0a97a158ca01ae4bc14
b20211fed4975a987eb39fabdd627137eeb07504
2d5ee1eefd82176369cce79273286a4593a4e5c52f6164bd8ef936c0e4c7e107
GET /pkttju/myscr890047.js HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:00 GMT
content-type: application/javascript
last-modified: Wed, 01 Nov 2023 20:33:35 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6065
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FItgmZSGj6J%2FYe0gK6uPRFf%2Fd3JdlJtxtZ44%2BlxGl7WDFwK334zGZnRqQMfnOu0QX9WzmX56IHzEbytAsTbgr8rqFFzIzyzvT4o7UQul4lAJdZJ8TXww3JR4YXTsXxYNda11Cal%2FTjXA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 823ec0272a0e5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
emuzkjtabb.eorgesca.ru/web2/info
0 B URL POST emuzkjtabb.eorgesca.ru/web2/info
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /web2/info HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 23
Origin: https://emuzkjtabb.eorgesca.ru
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Cookie: XSRF-TOKEN=eyJpdiI6IkYwakM1Sm1COFM2UHBxQUUxZ1ZRUVE9PSIsInZhbHVlIjoidFEvVDJNcnVtUlAwODFXbTBWWUtpa0NSMXUvbjgyKzlhcFNKNFZyaFI0RlY4TE04VFFDYjlLa2N0cmpYdVJHUDFqRTAzWmpGRERUSG95TDBldEZwTlc3cDRUdkt4bGx1VDBaZUxBN0U1RkdnV2VBSy9MWDNBZjFFbmtPYWdiS20iLCJtYWMiOiIwODIxMmM0MDVlYjUyNDVjOGZhYzg2NTNmY2M5MmZiNGRiODE0NjM0OWUyOGU4MWEzYWRlNGQ1OWU2MDk2MzQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ijl4YlVpYU1BQTVZazJETENPN3Mxc1E9PSIsInZhbHVlIjoiYTdCenIyYit1dDg1eUMyeUY0MWV4Qk5PTC81SXpuSms5RWI4bWlJWk9XMXNEMG55WmMzYml1aWUwRXY1N3FBVkJOOEVlQUVuQWlOdFhVRjRRRXVTOTVRTE5idlQzRStRQUt4VjhFWFhqdDdPZHE0NUg1S0dGZ3dzcHZWV01vaFYiLCJtYWMiOiIyNjY3NDYwNjRkYWYyYmI2OTJmMmQ2NDQxNGZhM2RjNjcxNTE5YzUwZmI3MTkwODRkN2QxNTNkYWU4MTc2NTk4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
emuzkjtabb.eorgesca.ru/web2/assets/css/pages.min.css?cb=1699624082472
200 OK 17 kB URL GET HTTP/3 emuzkjtabb.eorgesca.ru/web2/assets/css/pages.min.css?cb=1699624082472
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type ASCII text, with very long lines (17014), with no line terminators
Hash 4d38e2ffc538c11f0dca9cb2ad6ca08a
400ca5c484a88f9a91a1d1439e5f51a621ad3eaa
6b14e6f4239ef85c9180a099263a041df2b82bd65a245e72cca365cbd5e88fa8
GET /web2/assets/css/pages.min.css?cb=1699624082472 HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:03 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 13:29:30 GMT
etag: W/"4276-6091742db8c68"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1hVKTOsRzUzCnPg%2Bh9FcuxHUdKgjfWcl%2BmtZDfQ%2Bjisd0KPXR03IowPT01JNNjmHylq2CRAxA%2B30q5kO8zqyGStYx3pyOyg6hKxKou0WxiPsWJRZ%2FmsCpToH3wtPCdW3Joc9NmcbjYV2sc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 823ec033bdfa5695-OSL
content-encoding: br
emuzkjtabb.eorgesca.ru/web2/info
91 B URL POST emuzkjtabb.eorgesca.ru/web2/info
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 348478242d981ddc47795f90e6f89d2a
8f862536625baf2d0eb45d44acc9802c71df79e1
99691950fad5cb4b6df0bab904cc60d404840fe839c3614ffb841898ecdb3ddb
POST /web2/info HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 22
Origin: https://emuzkjtabb.eorgesca.ru
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Cookie: XSRF-TOKEN=eyJpdiI6IkYwakM1Sm1COFM2UHBxQUUxZ1ZRUVE9PSIsInZhbHVlIjoidFEvVDJNcnVtUlAwODFXbTBWWUtpa0NSMXUvbjgyKzlhcFNKNFZyaFI0RlY4TE04VFFDYjlLa2N0cmpYdVJHUDFqRTAzWmpGRERUSG95TDBldEZwTlc3cDRUdkt4bGx1VDBaZUxBN0U1RkdnV2VBSy9MWDNBZjFFbmtPYWdiS20iLCJtYWMiOiIwODIxMmM0MDVlYjUyNDVjOGZhYzg2NTNmY2M5MmZiNGRiODE0NjM0OWUyOGU4MWEzYWRlNGQ1OWU2MDk2MzQxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ijl4YlVpYU1BQTVZazJETENPN3Mxc1E9PSIsInZhbHVlIjoiYTdCenIyYit1dDg1eUMyeUY0MWV4Qk5PTC81SXpuSms5RWI4bWlJWk9XMXNEMG55WmMzYml1aWUwRXY1N3FBVkJOOEVlQUVuQWlOdFhVRjRRRXVTOTVRTE5idlQzRStRQUt4VjhFWFhqdDdPZHE0NUg1S0dGZ3dzcHZWV01vaFYiLCJtYWMiOiIyNjY3NDYwNjRkYWYyYmI2OTJmMmQ2NDQxNGZhM2RjNjcxNTE5YzUwZmI3MTkwODRkN2QxNTNkYWU4MTc2NTk4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:10 GMT
content-type: application/json
x-powered-by: PHP/8.1.10
cache-control: no-cache, private
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HR1bZBDWRa5mvQ%2F9flMMo0h5qBj7B37weEpTkQevt06bj%2BbFB72FrWSPhffiOCZjIeTRSHHj0K9T2w7KnAn6GLQj6XeZyUsWl6tKOggQcFyD2A51h3o1BW%2FlS%2BNmlMn%2ByDpVrvbbMBNYhSg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IkFBUXBwWnYxRVdLZ2xPaXROU1h1QkE9PSIsInZhbHVlIjoiSXhGVHV5U3BNRWs3dFY5ZEIxbmVCSkJyT2tVN2xjMU1XVkhvbzFJNDdQMlVSNlJoNlVFM09SYzVRdkw1djdpbXk2UUloNmVnL3BCNTZMaVVTQU5qQ2srQ0d4Z0hVV3lkWVpua01McndDMVNQZ1pwUVNTN3lRSnQ2VGdDZk1HMDEiLCJtYWMiOiIxZTA0MmYwNjFkYmNmZWZmNzIzMTk5YTczYTQ3YjgxNGY4ZWJmZGJkMjJjYWZjNGFkYWRhZmM2ODUxNWEwYTkwIiwidGFnIjoiIn0%3D; expires=Fri, 10-Nov-2023 15:48:10 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjNTS2NGN0hreENDbFRXY3JHU0NkdVE9PSIsInZhbHVlIjoiN04xclNpRkdjbVRuNmxkQlYxR2d0dHc0R09LRzVFWGplZitqNktwVGRHaW5HS2FsdmhOLzhESi84dHJoN3haSUZmZmwwaGt1RStsdFlZc3NIcVh4TE9xVkxGaDU1MDJ4VjNIVzJRRzVBSUorcHdOYzZ5VWRDamFBc2c4RzlVM00iLCJtYWMiOiI0ZmFmZmQxOTQyNjg3MWQzODdhMzFmMzk2MzQ4MGU3ZmQ4MmQ3Y2NiZGFiZGUyYTdiMWQ1ZDFhM2Y5ZTExNmU0IiwidGFnIjoiIn0%3D; expires=Fri, 10-Nov-2023 15:48:10 GMT; Max-Age=7200; path=/; httponly; samesite=lax
server: cloudflare
cf-ray: 823ec061da575695-OSL
content-encoding: br
cdn.socket.io/4.6.0/socket.io.min.js
200 OK 46 kB URL GET HTTP/2 cdn.socket.io/4.6.0/socket.io.min.js
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerAmazon
Subjectcdn.socket.io
FingerprintBB:7D:4E:26:70:F6:06:2A:12:E9:92:A8:F1:9F:CD:82:0B:BF:48:ED
ValiditySun, 22 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (45667)
Hash 80f5b8c6a9eeac15de93e5a112036a06
f7174635137d37581b11937fc90e9cb325077bce
0401de33701f1cad16ecf952899d23990b6437d0a5b7335524edf6bdfb932542
GET /4.6.0/socket.io.min.js HTTP/1.1
Host: cdn.socket.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="socket.io.min.js"
content-encoding: gzip
date: Fri, 27 Oct 2023 10:49:06 GMT
etag: W/"80f5b8c6a9eeac15de93e5a112036a06"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::bqgb5-1698403746025-0e8d119dc2bf
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bUSGV3kXBmScYklXc5jdiDhNMOeKbqYV_q1IWuCHX47r_uCYwiYKag==
age: 1609804
X-Firefox-Spdy: h2
emuzkjtabb.eorgesca.ru/web2/validatecaptcha
200 OK 20 B URL POST HTTP/3 emuzkjtabb.eorgesca.ru/web2/validatecaptcha
IP
Requested by https://emuzkjtabb.eorgesca.ru/pkttju/#dhalderman@mbblawfirmkc.com
Certificate IssuerGoogle Trust Services LLC
Subjecteorgesca.ru
Fingerprint3F:72:2A:54:74:C2:7A:6F:62:C8:FC:29:B5:2B:F3:4B:61:70:3D:3F
ValidityWed, 01 Nov 2023 16:30:38 GMT - Tue, 30 Jan 2024 16:30:37 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 0b35866f4a3aa4d34ce5dda2d14c2cd8
d2b80911f09c3106fdf0df9920f983945d644083
493851374626d927bfe1c7d084fa977a0e636c03f163fda258ab6b638edc2f0d
POST /web2/validatecaptcha HTTP/1.1
Host: emuzkjtabb.eorgesca.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 562
Origin: https://emuzkjtabb.eorgesca.ru
DNT: 1
Connection: keep-alive
Referer: https://emuzkjtabb.eorgesca.ru/pkttju/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 Nov 2023 13:48:09 GMT
content-type: application/json
x-powered-by: PHP/8.1.10
cache-control: no-cache, private
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIcC6TYL11Wluq3V1DbUC6%2BEwFeP5mIV1QXYuM7mTA2rRm29dMyfZdMcGaXbvTHNyWwEvZSNNc0Zy9MUDvR8CL%2B41R6hHC5XgJS0Ap6WYoALJ6tpt85EQ3QTZ6mZUDfIgTgl4EeV8mFmbb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IkYwakM1Sm1COFM2UHBxQUUxZ1ZRUVE9PSIsInZhbHVlIjoidFEvVDJNcnVtUlAwODFXbTBWWUtpa0NSMXUvbjgyKzlhcFNKNFZyaFI0RlY4TE04VFFDYjlLa2N0cmpYdVJHUDFqRTAzWmpGRERUSG95TDBldEZwTlc3cDRUdkt4bGx1VDBaZUxBN0U1RkdnV2VBSy9MWDNBZjFFbmtPYWdiS20iLCJtYWMiOiIwODIxMmM0MDVlYjUyNDVjOGZhYzg2NTNmY2M5MmZiNGRiODE0NjM0OWUyOGU4MWEzYWRlNGQ1OWU2MDk2MzQxIiwidGFnIjoiIn0%3D; expires=Fri, 10-Nov-2023 15:48:09 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ijl4YlVpYU1BQTVZazJETENPN3Mxc1E9PSIsInZhbHVlIjoiYTdCenIyYit1dDg1eUMyeUY0MWV4Qk5PTC81SXpuSms5RWI4bWlJWk9XMXNEMG55WmMzYml1aWUwRXY1N3FBVkJOOEVlQUVuQWlOdFhVRjRRRXVTOTVRTE5idlQzRStRQUt4VjhFWFhqdDdPZHE0NUg1S0dGZ3dzcHZWV01vaFYiLCJtYWMiOiIyNjY3NDYwNjRkYWYyYmI2OTJmMmQ2NDQxNGZhM2RjNjcxNTE5YzUwZmI3MTkwODRkN2QxNTNkYWU4MTc2NTk4IiwidGFnIjoiIn0%3D; expires=Fri, 10-Nov-2023 15:48:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
server: cloudflare
cf-ray: 823ec0574f6f5695-OSL
content-encoding: br
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/823ec039fcfab523/1699624083914/ca07a943432eb75ca68c1f3f972f068c0c9fe9e4d7fd6b4be937d33fca1c6481/DmXxfa5SubTfMyd
401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/823ec039fcfab523/1699624083914/ca07a943432eb75ca68c1f3f972f068c0c9fe9e4d7fd6b4be937d33fca1c6481/DmXxfa5SubTfMyd
IP
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
Certificate IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/823ec039fcfab523/1699624083914/ca07a943432eb75ca68c1f3f972f068c0c9fe9e4d7fd6b4be937d33fca1c6481/DmXxfa5SubTfMyd HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/34qbu/0x4AAAAAAAMhkGlXpUVzzdsY/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Fri, 10 Nov 2023 13:48:07 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gygepQ0Mut1ymjB8_ly8GjAyf6eTX_WtL6TfTP8ocZIEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAw3-G2azMDQz14MtEw9Yc4MTiu1DUnWsnsI8X04PL5SI1i6hYY_VhUXes642jWVNaNc9DvTk3VKiAwkv_2admYcGRqYwL4lLF-lyE4ia0s35wIzqyKBhy6kksXyNNhZHqdbX2dhXVviFzQcnIOAIm1lKN-L8jeweQ74ibV2j-YnBH88c3EBOtxW8uP5ZSK97pwBY5J9cWrKMTZgPoYVcXoPZOM2rhbpF39cQyzcSbR8xFe2wEDELzsImry1fNMcDXohGoiOBeBIXjCDNWREvYxvSMPvZV4um_Po47y8007qf2T2nTYvEh0R03Lr5tR0V6wrS214LvJ_ZiPmyzjTFdDQIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMoHqUNDLrdcpowfP5cvBowMn-nk1_1rS-k30z_KHGSBABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20
server: cloudflare
cf-ray: 823ec0548d06b523-OSL
alt-svc: h3=":443"; ma=86400
162.241.61.129
104.17.3.184