qsiapi.assistcard.com/landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
200.61.211.109 15 kB URL qsiapi.assistcard.com/landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
IP 200.61.211.109:0
ASN #7303 Telecom Argentina S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1648), with CRLF, LF line terminators
Hash 17a1feb0d10da1c67f0cf522eba38979
1afd13da521e9f8efd200b20369686670f90c890
ceac01e55f9097bd2cf74b28ded060d7760d56179de9aea6ce8c50cff7799977
GET /landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ== HTTP/1.1
Host: qsiapi.assistcard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Nov 2023 09:17:33 GMT
Content-Length: 15170
Set-Cookie: ASP.NET_SessionId=jmv5wus0aqep0ovphaj1bval; path=/; HttpOnly; SameSite=Lax
f5avraaaaaaaaaaaaaaaa_session_=BJDAFIOOHJEGEOOKIKDCNDLGENPKADJMIFPKDOIJILOOJPLOMDHNPODPAOJOPKHLNAADENJLCBGOFCCBCOGABJBFGAGBJKCHFFPIDHBLCPKMPFANNMOMLCMLBFKAACNK; HttpOnly; secure;
f5_cspm=1234;;
necolas.github.io/normalize.css/8.0.0/normalize.css
185.199.110.153 1.7 kB URL necolas.github.io/normalize.css/8.0.0/normalize.css
IP 185.199.110.153:0
Hash fda27b856c2e3cada6e0f6bfeccc2067
734a72e6c28d4a3a870404fb4abf72723c754296
ec602d0d0efdc1310e8e104a7fbd2e0501bb039cb26fef2b8a0bb4edab575836
GET /normalize.css/8.0.0/normalize.css HTTP/1.1
Host: necolas.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Mon, 05 Nov 2018 02:35:30 GMT
access-control-allow-origin: *
etag: W/"5bdfac72-17a4"
expires: Sat, 25 Nov 2023 02:23:23 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 5C6A:5D45:21A680F:222A798:65615842
accept-ranges: bytes
date: Wed, 29 Nov 2023 09:17:33 GMT
via: 1.1 varnish
age: 98
x-served-by: cache-bma1630-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1701249454.813349,VS0,VE0
vary: Accept-Encoding
x-fastly-request-id: 5cac849355890e92e88add74941c593924b3c016
content-length: 1712
X-Firefox-Spdy: h2
qsiapi.assistcard.com/css/animate.css
200.61.211.109 78 kB URL qsiapi.assistcard.com/css/animate.css
IP 200.61.211.109:0
ASN #7303 Telecom Argentina S.A.
File type ASCII text, with CRLF line terminators
Hash e8f760ef9145795c4352cac3a8936207
1cd47b8a375bad6cbcdb166cf3a20c8f9315022e
77831dbe6b4cbe88beb576be1363a995c51d66b699e133cf56b23827378af670
GET /css/animate.css HTTP/1.1
Host: qsiapi.assistcard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
Cookie: ASP.NET_SessionId=jmv5wus0aqep0ovphaj1bval
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 12 Nov 2019 20:22:11 GMT
Accept-Ranges: bytes
ETag: "351e9bdd9699d51:0"
Date: Wed, 29 Nov 2023 09:17:33 GMT
Content-Length: 78544
Set-Cookie: f5avraaaaaaaaaaaaaaaa_session_=AEFLDJCECKBBCDHGGKGAKKEJFEBIIGCKJNNOLHNDNDGPOAIPMNBMFDPHMKNGKLCPGCKDFLKHCBONGCJMJGJAAEBFGALHFANDNMHIDFMAICPGDHLBNNCDBCKOMIEHDHKD; HttpOnly; secure;
qsiapi.assistcard.com/js/jquery-3.1.1.min.js
200.61.211.109 87 kB URL qsiapi.assistcard.com/js/jquery-3.1.1.min.js
IP 200.61.211.109:0
ASN #7303 Telecom Argentina S.A.
File type ASCII text, with very long lines (32030), with CRLF line terminators
Hash 5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
GET /js/jquery-3.1.1.min.js HTTP/1.1
Host: qsiapi.assistcard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
Cookie: ASP.NET_SessionId=jmv5wus0aqep0ovphaj1bval
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 12 Nov 2019 20:22:11 GMT
Accept-Ranges: bytes
ETag: "27cca1dd9699d51:0"
Date: Wed, 29 Nov 2023 09:17:34 GMT
Content-Length: 86713
Set-Cookie: f5avraaaaaaaaaaaaaaaa_session_=FMBCABMDABAGNNLABAEKCDOJHCFNCHBJGFGIOPGFLFJNBNPFPJBGGPNIOGFELDJEIJEDEEFEDBMGIEENGMJAANFHGACEPGNHLJAJIGOEMIBNFAJFPMIGMFOLLEAGIKEI; HttpOnly; secure;
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.99 16 kB URL fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.99:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qsiapi.assistcard.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:52:12 GMT
expires: Thu, 21 Nov 2024 21:52:12 GMT
cache-control: public, max-age=31536000
age: 559524
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,400,700
142.250.74.106 16 kB URL fonts.googleapis.com/css?family=Roboto:100,400,700
IP 142.250.74.106:0
File type gzip compressed data, max compression\012- data
Hash ae674ec7776a0cbd4e11849d8c564b83
9660eb73101c5e78efbfea1cc8d7224b2a260b4c
17113d4dbd52bf6c97c3207bb0dba549284925aeadfdfb91c3f4639d434962b5
GET /css?family=Roboto:100,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Nov 2023 09:17:33 GMT
date: Wed, 29 Nov 2023 09:17:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
qsiapi.assistcard.com/img/logo.png
200.61.211.109 4.4 kB URL qsiapi.assistcard.com/img/logo.png
IP 200.61.211.109:0
ASN #7303 Telecom Argentina S.A.
File type PNG image data, 270 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash b47c51bb5ac86bd5d189efaffd422e31
d627f699618540c02e063c0f3db16eff0de85af7
10d20c2a6c60821ae723aa911d842356e65e02c0cc49fd5060ae8a448eb5d2ff
GET /img/logo.png HTTP/1.1
Host: qsiapi.assistcard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
Cookie: ASP.NET_SessionId=jmv5wus0aqep0ovphaj1bval
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 12 Nov 2019 20:22:11 GMT
Accept-Ranges: bytes
ETag: "b335a1dd9699d51:0"
Date: Wed, 29 Nov 2023 09:17:36 GMT
Content-Length: 4407
Set-Cookie: f5avraaaaaaaaaaaaaaaa_session_=EDJPOABFMDJCFIADHILIMJLLKIALCKFJGHNBKCALPFNMKGIMPMKNOLPGDNBHMBMFBAGDLLDHFBOGJLAOAACAJJHEGAJCPELHBENLGNGGDECNKKEKBIOPDNGHLIPHJLFA; HttpOnly; secure;
qsiapi.assistcard.com/favicon.ico
200.61.211.109 1.2 kB URL qsiapi.assistcard.com/favicon.ico
IP 200.61.211.109:0
ASN #7303 Telecom Argentina S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /favicon.ico HTTP/1.1
Host: qsiapi.assistcard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
Cookie: ASP.NET_SessionId=jmv5wus0aqep0ovphaj1bval
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Wed, 29 Nov 2023 09:17:36 GMT
Content-Length: 1245
Set-Cookie: f5avraaaaaaaaaaaaaaaa_session_=AFMJEACLMOEDHNGLHIOOIJDHIBBBMJLBDLHLIOJAOIMPHIGCBKPNGAHONIMDNOPPNBIDNMIJFBLEFBKJLGCAPAMIGAPJKFGOOEHHDBHBJDAAMHBBPAGGBOEPGBDEPCJE; HttpOnly; secure;
www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
199.204.248.133 0 B URL www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
IP 199.204.248.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
GET /.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ== HTTP/1.1
Host: www.lsginconline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Nov 2023 09:17:10 GMT
Server: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
refresh: 0;url=https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
qsiapi.assistcard.com/img/bg-login.jpg
200.61.211.109 678 kB URL qsiapi.assistcard.com/img/bg-login.jpg
IP 200.61.211.109:0
ASN #7303 Telecom Argentina S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1440x602, components 3\012- data
Size 678 kB (677571 bytes)
Hash e6da1b012d2b0b9415f73f96cb1c3fed
51994599e54df229f11ad0778c3696afa4f5f60d
881a3a8533765a7acd989b19fead306ea80a49effe7581c4efd1dc5a90b26196
GET /img/bg-login.jpg HTTP/1.1
Host: qsiapi.assistcard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qsiapi.assistcard.com/landing/es/lp_es_v2.aspx?requestCode=89a510c9-92c8-4570-96fe-ffe4ef4d645d&nps=2&redirect=https://www.lsginconline.com/.well-known/acme-challenge/whoernetrrahhj/hilahnasarahlily/wpfile/89969/Lmcneil/bG1jbmVpbEBpaXJvYy5jYQ==
Cookie: ASP.NET_SessionId=jmv5wus0aqep0ovphaj1bval
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 12 Nov 2019 20:22:11 GMT
Accept-Ranges: bytes
ETag: "95c69cdd9699d51:0"
Date: Wed, 29 Nov 2023 09:17:36 GMT
Content-Length: 720855
Set-Cookie: f5avraaaaaaaaaaaaaaaa_session_=NPBEGGIBACEOOLACCELNPNJKCBHGGELFLJBNMFJDMMPLHENOHIHBOGCEBFAGCOMAHAKDNMINFBMJLJJHDAMANHFPGAAJMBCPEPPBEJEAFDMMHJHPKLKJCNNEDOKFMHKI; HttpOnly; secure;
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
104.17.3.184 302 Found 40 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP 104.17.3.184:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Cloudflare, Inc.
Subject: challenges.cloudflare.com
Fingerprint: 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity: Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hash d74235c8ea7e0bba7f34b1b81ab0eb1d
b51ab6507ab860e5584f3c18f36191386cec1255
ce28c231f0e51ada59c579a60e6a732fdb40e485a012ef82433a90d0479189d5
GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 29 Nov 2023 09:17:42 GMT
access-control-allow-origin: *
cache-control: max-age=300, public
vary: accept-encoding
location: /turnstile/v0/g/9914b343/api.js?render=explicit
server: cloudflare
cf-ray: 82d9c251be72b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-bold.woff
188.114.96.1 200 OK 36 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-bold.woff
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Google Trust Services LLC
Subject: rdaj8.ru
Fingerprint: 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity: Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type Web Open Font Format, TrueType, length 35970, version 1.0\012- data
Hash 496b7bbde91c7dc7cf9bbabbb3921da8
2bd3c406a715ab52dad84c803c55bf4a6e66a924
ae40a04f95df12b0c364f26ab691dc0c391d394a28bcdb4aeacfaca325d0a798
GET /web2/assets/fonts/GDSherpa-bold.woff HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flu67r7.rdaj8.ru/EUWst83
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: font/woff
content-length: 35970
last-modified: Fri, 25 Aug 2023 04:00:22 GMT
etag: "8c82-603b7623b006b"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAeWAB%2BDiQDBOYqBUZJoCli51autwr6r1yEXdIt05ElEoP9VyfK06HTYVIQfhRo%2FtobSuhpfuwzsFY89o9U9omHPZatO4zF36cWjnaZ15oEWphzBCCaylciEwv13%2B88q7Dw1A%2FoL4HWn8RNswctHYwREYFB7%2B%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 82d9c2543d827129-OSL
flu67r7.rdaj8.ru/web2/assets/css/pages-okta.css?cb=1701249466575
188.114.96.1 200 OK 0 B URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/css/pages-okta.css?cb=1701249466575
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Google Trust Services LLC
Subject: rdaj8.ru
Fingerprint: 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity: Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web2/assets/css/pages-okta.css?cb=1701249466575 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: text/css
content-length: 0
last-modified: Thu, 24 Aug 2023 12:07:13 GMT
etag: "0-603aa11867866"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xY4XdPdLrijbgJRsN1ZZ73pl4TgSGnkO1NW3eRfKxCwiXDy04Wr%2BwN2%2FID2ZHLytJkVhALgfJo5EP5nTayY75GucBrQxlr2UOBV24reL24np%2FRZuo0PIhLoPvZf0hh92H5LHA%2F5eZOshbqcAnQs1B1ScgeezyVs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 82d9c2543d6f7129-OSL
flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-vf.woff2
188.114.96.1 200 OK 44 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-vf.woff2
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Google Trust Services LLC
Subject: rdaj8.ru
Fingerprint: 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity: Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 43596, version 1.0\012- data
Hash 2a05e9e5572abc320b2b7ea38a70dcc1
d5fa2a856d5632c2469e42436159375117ef3c35
3efcb941aaddaf4aea08dab3fb97d3e904aa1b83264e64b4d5bda53bc7c798ec
GET /web2/assets/fonts/GDSherpa-vf.woff2 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flu67r7.rdaj8.ru/EUWst83
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: font/woff2
content-length: 43596
last-modified: Fri, 25 Aug 2023 04:00:36 GMT
etag: "aa4c-603b7631474f7"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eThW0G2ZIXspkOb9HTvNzdLPC2v5yRRHXadR2YKk6Sva3Mn%2B0bQJsI%2B12dzxYG3xsQmBM4Ci4Xp6WdycxS0qyMyfUwLOIupeg3sCtCemYmrPDFx0vWHGx9FganHMOMpu6PRlQ01mhQLYGIMXldLo9KpdS6uiHsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 82d9c2546d997129-OSL
flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-vf2.woff2
188.114.96.1 200 OK 93 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-vf2.woff2
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Google Trust Services LLC
Subject: rdaj8.ru
Fingerprint: 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity: Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 93276, version 1.0\012- data
Hash bcd7983ea5aa57c55f6758b4977983cb
ef3a009e205229e07fb0ec8569e669b11c378ef1
6528a0bf9a836a53dfd8536e1786ba6831c9d1faa74967126fddf5b2081b858c
GET /web2/assets/fonts/GDSherpa-vf2.woff2 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flu67r7.rdaj8.ru/EUWst83
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: font/woff2
content-length: 93276
last-modified: Fri, 25 Aug 2023 04:00:32 GMT
etag: "16c5c-603b762dd727e"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GioYVxMN%2FfgjdhtVlVr0Sx%2FM%2B%2FuXBbsrCCVH%2BvO0EcLtHXI%2FWxLyZ3R8mv%2BpLSOUqSIMh3BEmjmTbJxsqIbDv0AktWJYZ0lEgdql8ABue6JF7kOgpMQ0xmz0u5sAYcL%2FqnOh7JqqYe8XzGqYdmUtsyR0ZJDC0mQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 82d9c2546d9b7129-OSL
flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-regular.woff
188.114.96.1 200 OK 37 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-regular.woff
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Google Trust Services LLC
Subject: rdaj8.ru
Fingerprint: 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity: Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type Web Open Font Format, TrueType, length 36696, version 1.0\012- data
Hash a69e9ab8afdd7486ec0749c551051ff2
c34e6aa327b536fb48d1fe03577a47c7ee2231b8
fd78a1913db912221b8ead1e62fad47d1ff0a9fa6cd88d3b128a721ad91d2faf
GET /web2/assets/fonts/GDSherpa-regular.woff HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flu67r7.rdaj8.ru/EUWst83
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: font/woff
content-length: 36696
last-modified: Fri, 25 Aug 2023 04:00:28 GMT
etag: "8f58-603b762947b93"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mYh0q2U%2FafBaa3B6Ag3ZF1AhDMmRnvdh7zzm2B1h8%2BkWyk5ck1ABUX29tBwX57%2BPQWyE1WSMneRE4RQVMGXa8oOtvFlPczz6trrP0TAKOLQmNc7WZmPIV3pSUeuYZr%2BLxQ4Gfo6e4OI3zUCJejFTxD7t43xi78%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 82d9c2546d987129-OSL
flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-regular.woff2
188.114.96.1 200 OK 29 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-regular.woff2
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Google Trust Services LLC
Subject: rdaj8.ru
Fingerprint: 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity: Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 28584, version 1.66\012- data
Hash 17081510f3a6f2f619ec8c6f244523c7
87f34b2a1532c50f2a424c345d03fe028db35635
2c7292014e2ef00374aeb63691d9f23159a010455784ee0b274ba7db2bcca956
GET /web2/assets/fonts/GDSherpa-regular.woff2 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flu67r7.rdaj8.ru/EUWst83
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: font/woff2
content-length: 28584
last-modified: Fri, 25 Aug 2023 04:00:25 GMT
etag: "6fa8-603b76269b664"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUwFYyqPiOo3VciXWpPKlMjwjZ8F8b1l%2BanTR2QfOnF7%2FuRaKKupt88ym8J7PLM6Gv2HpLoUYN7qcMYYPwlkqbEiNvFuy4YCV6lTwn23hSA6AGheUtz2KcECbwX6RqdHJg4PD7HqKLoJ2fwZ1WAP5A%2Fd2Tlcoyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 82d9c2545d947129-OSL
code.jquery.com/jquery-3.6.0.min.js
151.101.130.137 200 OK 90 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 151.101.130.137:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Sectigo Limited
Subject: *.jquery.com
Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 29 Nov 2023 09:17:42 GMT
age: 646845
x-served-by: cache-lga21931-LGA, cache-bma1657-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 196586
x-timer: S1701249462.045007,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
flu67r7.rdaj8.ru/web2/assets/js/pages-head-top-web.min.js?cb=1701249466328
188.114.96.1 200 OK 2.4 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/js/pages-head-top-web.min.js?cb=1701249466328
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer: Google Trust Services LLC
Subject: rdaj8.ru
Fingerprint: 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity: Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type ASCII text, with very long lines (2572), with no line terminators
Hash e13706042f1e59dab7e641d16c581603
d37fab20d3479a2a0381df6f6108b86f0a79c81d
c0686c8b9937a55fac42dca83cbe8ecfe0ca707c37632a22f102803a73dbd58f
GET /web2/assets/js/pages-head-top-web.min.js?cb=1701249466328 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: application/javascript
last-modified: Sat, 21 Oct 2023 21:36:17 GMT
etag: W/"95a-60840c77c1f76"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4%2Be%2BjOPaEMqy0G1K0D8rTybGtmqhNZBPEZe6mIsi4%2B%2FRi6aQXIT%2FQ6eXw92VOZ%2FwDCSyD0%2Fqbf0f%2BlMfXWRQ2rvw0eNijFba5KgYk8bP4NsIMI2Nr26RorDHealN1q9WK2QnkaSBHkvfjRi4%2BakT%2BHypUYp40I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 82d9c2527c157129-OSL
content-encoding: br
flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-bold.woff2
188.114.96.1 200 OK 28 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/fonts/GDSherpa-bold.woff2
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type Web Open Font Format (Version 2), TrueType, length 28000, version 1.66\012- data
Hash a4bca6c95fed0d0c5cc46cf07710dcec
73b56e33b82b42921db8702a33efd0f2b2ec9794
5a51d246af54d903f67f07f2bd820ce77736f8d08c5f1602db07469d96dbf77f
GET /web2/assets/fonts/GDSherpa-bold.woff2 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flu67r7.rdaj8.ru/EUWst83
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: font/woff2
content-length: 28000
last-modified: Fri, 25 Aug 2023 04:00:16 GMT
etag: "6d60-603b761e42cdb"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4GuaJX%2F7zjnJRaIciN2ho52ufYVh2sWW4IAEmo%2B5FkWzGqop%2BGvam%2FbsGlYY6N0LtbciwHH%2BXSu3dNGdt1QaSvVbMurg%2BFGWKi56yYztVr9acs0%2FlxUWoZfr1txI933PMGp0xc6geY%2FJFEQ4JWBronuzyzu1Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 82d9c2543d747129-OSL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/82d9c255fd3f568f/1701249463096/c55c20319f5fd886c93a0738622a67ba5a17aa1f2d547a990ee01423228d21dd/b8vj512AvbxfZxI
104.17.3.184 401 Unauthorized 1 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/82d9c255fd3f568f/1701249463096/c55c20319f5fd886c93a0738622a67ba5a17aa1f2d547a990ee01423228d21dd/b8vj512AvbxfZxI
IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type very short file (no magic)
Hash ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/82d9c255fd3f568f/1701249463096/c55c20319f5fd886c93a0738622a67ba5a17aa1f2d547a990ee01423228d21dd/b8vj512AvbxfZxI HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Wed, 29 Nov 2023 09:17:43 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gxVwgMZ9f2IbJOgc4YipnuloXqh8tVHqZDuAUIyKNId0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApsOXvs4inomvHEEJWeAmbewj10vTdOMUJh5YooYpzkcTFx8O1fGckZDmN__WSsDanz_dK-uZ_ETYKIumajyX7F3zXM4AXeZC2iYL_e3-Pi1TmaGIMJZdPWVVC9cf8AFwX7fRkcgCHxky-BRBi2T8ry--e2NK119BZC3f1t7LwQTVpP1LL3UYxZNFWJTGISYzuWNO5NvmWgGr2V4bint7BqWVsBG5VguykSCXBQX0WyMxge5W5z-tspRPjpXtc35sgdq737t6ATIZ2BVH0nyYaECjgMbN-BY6w9Y_jz03Ce0StP3YSZijpo1lfW2_lIX3SvsNX-SYCOkZ-9685ZUBSQIDAQAB, max-age=20, PrivateToken challenge=AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMVcIDGfX9iGyToHOGIqZ7paF6ofLVR6mQ7gFCMijSHdABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyAcIyqXWj0XAym0z5V844rFA0WOzLVwj0uCwmVj6zC4qOH40oBiGHrMNMBnDyk95jvnBAuHeEs855e7nA4l4DPJ4jUWKZbua8BxGAzjn74A1BV81a52F1zvBPUm-VEJXPAPXQehXphSv51uR7HKtfcM5oaS33TGDSy-6xv0r84xjMuTBvwPgXGehxpi1MCGGE5yWkzKN5Zzllk7m6Nkiv6learV-Uz7tzaoPbdZkBk1bFXxm2q07jWavoBZ-JEuEJyjQ00PSTz2Zjpbct6AlR3eCS9sbmXtb5XxSs7JMsvoa8uojD7a5m2SEJIwaf8xKL6wtxkaPonUfvsLj4JoJZQIDAQAB, max-age=20
server: cloudflare
cf-ray: 82d9c25c4b3f568f-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/676776778:1701246388:vK6n2Vc8sR_cnEaONSD8UEQtuPrzgD233XZFyVMZ72g/82d9c255fd3f568f/84cff0d39225c8c
104.17.3.184 200 OK 83 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/676776778:1701246388:vK6n2Vc8sR_cnEaONSD8UEQtuPrzgD233XZFyVMZ72g/82d9c255fd3f568f/84cff0d39225c8c
IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 62801052c8a3f616e05c855257451921
6493a71d38853c3b5e057f1e55d8ab0959b32dea
8a1836e3e95085ff163807b6379a005d5a2a07d6df1f1119684450d10be3a108
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/676776778:1701246388:vK6n2Vc8sR_cnEaONSD8UEQtuPrzgD233XZFyVMZ72g/82d9c255fd3f568f/84cff0d39225c8c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 84cff0d39225c8c
Content-Length: 2373
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: KIiB9IUQ4QI88RNqGY3DSmh6LXD75r75atM02/slpLyEPiMfmUG+OcoKj71JD1nwinQHyBcA2BFr41z3cbaRGyOK+BG29wPQyxYroqUyfeMUNQGpcrcXt3hDuiAjXoi6zzMfqGtfuQb5veoga3YyXaPaRScf1ZcFIkfrXY4u15aSkZwCaEIjblSRSxwIoFM4R2fRW4TvGJUoEMpgeqfnOONn1ZU4ysLgvGt3+gHNqAJvLslreb7qVO8ARDqfxURlUyA/LJN/ZsUQzmFyO2VVfB9RZDnbKpG9qvr3DfPVDaKL2wu93fZXqvxxKNyQzxy7vT5hsP1fnRYky5mDUrE5o2o2eo2lWoz8I8sH3x2//qU=$+r4ncZfeq6E4OC0gRtC0lw==
server: cloudflare
cf-ray: 82d9c2584f83568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82d9c255fd3f568f/1701249463096/eWNycKICQr5_Rju
104.17.3.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/82d9c255fd3f568f/1701249463096/eWNycKICQr5_Rju
IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 94 x 53, 8-bit/color RGB, non-interlaced\012- data
Hash 2898daec89b60ad4135785c4c48015aa
8498913316122b21685dee2813f9b596d4bbc640
1a331bf1cd3aba4ac01debd72ebdf97dbb157ba27a159348ff3b582a5fa7562d
GET /cdn-cgi/challenge-platform/h/g/i/82d9c255fd3f568f/1701249463096/eWNycKICQr5_Rju HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:43 GMT
content-type: image/png
server: cloudflare
cf-ray: 82d9c25beb03568f-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?render=explicit
104.17.3.184 200 OK 34 kB URL GET HTTP/2 challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?render=explicit
IP 104.17.3.184:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (34253)
Hash 6142a5f5c66e2c1be52ee9506a565962
c3b39e8352efd1e0619b6dd62af8b2a917622868
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
GET /turnstile/v0/g/9914b343/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flu67r7.rdaj8.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d9c251ce80b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
flu67r7.rdaj8.ru/web2/assets/pages/281jc3b.css?cb=1701249466575
188.114.96.1 200 OK 1.1 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/pages/281jc3b.css?cb=1701249466575
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type ASCII text, with very long lines (1164), with no line terminators
Hash 7b4a0b437a860756a33291aba35994bf
5fd0d1bb49eac3fe26df6fa899833438afea0431
8f747b76b97df59f3038f84d1ef912552eebd7fa697a5972ae49ccb33a4830f2
GET /web2/assets/pages/281jc3b.css?cb=1701249466575 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: text/css
last-modified: Mon, 27 Nov 2023 08:13:08 GMT
etag: W/"461-60b1ddf513e45"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMSp%2Fu26ceWZrBjp6m5ZHjW2LuqxjMKoeDYkJGsSIi4OI3LwQXMHRl6dSpxm7b2Vf81Aon6M%2BMmyYtxmphK5mh%2FLSHNeBNwN1IPSCzB0kLjwqni5TbLzzUeNrkGZQ47muCOxSC1C28W%2FCI2xB5nnj67B328uXT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 82d9c2541d5e7129-OSL
content-encoding: br
flu67r7.rdaj8.ru/web2/assets/cloudfavicon.ico
188.114.96.1 200 OK 34 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/cloudfavicon.ico
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 88415acda09a4cbd9d87543c3ba78180
2dec4705e9ab399efdc6eef36e079aa31d1df8d9
20cccc47c1bac9d2ef36b6a1c58af58c5c169ad5ca084080f0392b86f949641c
GET /web2/assets/cloudfavicon.ico HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: image/x-icon
last-modified: Wed, 16 Aug 2023 15:22:46 GMT
etag: W/"86be-6030bde212b57"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALEMCcyNRhdgcFFKcBjZrdz%2Bk2ifrgMotuo7SfKRqLLbWZktpTSlt%2BN4o4QvxSCUI%2FxW%2FTHrjBXHpALhukazgFfuOA%2Bj2HJpr1RyZ5pXVbx1TfTdMwn2GoP2wyPqKzcM17WEN1rxvRsq9asUpwEDA8HIrEJyPLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 82d9c2562ed57129-OSL
content-encoding: br
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D
104.17.3.184 200 OK 61 B URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D
IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced\012- data
Hash 9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/ew4g0I%2FZYomJh1e75pupA0WLfHDXy%2FQKEyLTEDfnNN8%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 82d9c256cdf5568f-OSL
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82d9c255fd3f568f
104.17.3.184 200 OK 180 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82d9c255fd3f568f
IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 180 kB (180266 bytes)
Hash 5c0ef6fcfaf0198ce9d9089dd5697f0b
7a70bc0a7357830d7345820356ccf54f1e567a92
013b2c62cd288af4b09a9354f52e447a2a1bd7056a6f26512511a5539fc0ab21
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=82d9c255fd3f568f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 82d9c256de02568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/676776778:1701246388:vK6n2Vc8sR_cnEaONSD8UEQtuPrzgD233XZFyVMZ72g/82d9c255fd3f568f/84cff0d39225c8c
104.17.3.184 200 OK 18 kB URL POST HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/676776778:1701246388:vK6n2Vc8sR_cnEaONSD8UEQtuPrzgD233XZFyVMZ72g/82d9c255fd3f568f/84cff0d39225c8c
IP 104.17.3.184:443
Requested by https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (17808), with no line terminators
Hash a7b450a4989990939b635e0478eabeca
c7657e866ec2a6fe90d3a7516e6cb776ee86c5df
8d031dd6324306fa13a3fa990bb8930d68acd52eb112fa1860bce501b74b76c0
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/676776778:1701246388:vK6n2Vc8sR_cnEaONSD8UEQtuPrzgD233XZFyVMZ72g/82d9c255fd3f568f/84cff0d39225c8c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 84cff0d39225c8c
Content-Length: 24614
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:44 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: iedarMHwKmZYWEvPFDrKmn92YowWEM6kIqage9cw7Qr7txMksd8lYfD1y6/sVqhu$sbd8aLqfANPdG5xCNKab6w==
server: cloudflare
cf-ray: 82d9c262a83f568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
flu67r7.rdaj8.ru/web2/assets/cloudfavicon.ico
0.0.0.0 0 B URL GET flu67r7.rdaj8.ru/web2/assets/cloudfavicon.ico
IP 0.0.0.0:0
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of zero-length input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of zero-length input; this record shows 0 B received, so these digests identify no content)
GET /web2/assets/cloudfavicon.ico HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
188.114.96.1 200 OK 102 B URL User Request GET HTTP/2
IP 188.114.96.1:443
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 550fbb29f9625e357161e6f675e507c8
f308d745c7b228582cbd05056775db7bdec5e996
7948ab960b718155b1d3256ad99de0f59aadbfcc1535209ba9d8cbc66e7fe004
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
GET /EUWst83 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 09:17:41 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm%2FauxktblP0q8J3zZ8ndgUmXvSK6VfU7akRhAnMLymTKXbDKsUoMC1O%2FgdsRzZpeNjYG6HZXabjdrx3J6kmvtAkRA9vzAjpzThHqNMaTQRoLMtt%2FCV2DknYMGrR6WKH6R0w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d9c24f68e3b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
flu67r7.rdaj8.ru/myscr820424.js
188.114.96.1 200 OK 28 kB URL GET HTTP/3 flu67r7.rdaj8.ru/myscr820424.js
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
Hash 85905febaacf3ac2d0a9ccb783b19bd7
9c5d63081009414e3497d559849c92e055b65f5f
28a4bafd974bdf544d1fe8c640b7de52f41623aed914ed3939fb69d468319b29
GET /myscr820424.js HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:41 GMT
content-type: application/javascript
last-modified: Mon, 20 Nov 2023 20:04:37 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg5OWY3RA2cBxFsmNLC2crtcwL3TOML62CD5EiADsctg3laWlPX6IgMFVdQcaW66Zy%2FcIph8R6p751OQd0Wmf24h%2Bc%2FXUuOnsXf80160JgudW%2FmSkjVeVT7uu4gf6I%2FEmqbs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d9c250ead87129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
flu67r7.rdaj8.ru/web2/assets/js/pages-head-web.min.js?cb=1701249466575
188.114.96.1 200 OK 14 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/js/pages-head-web.min.js?cb=1701249466575
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type ASCII text, with very long lines (13626), with no line terminators
Hash 701637cf7b3c9588cdf84dbb449ba48e
a3fd0695db073372cbb52345cb18cd4f8186edeb
fe2ea5cd48f2ca8001c5283ee74d2b41305644374b0c1e7b90b9cb6b5bb73a94
GET /web2/assets/js/pages-head-web.min.js?cb=1701249466575 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: application/javascript
last-modified: Sun, 22 Oct 2023 12:15:47 GMT
etag: W/"353a-6084d10c51e3d"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIOm7KxBxRn5nrkhiZspQcRptmb2OA%2B2qQL33PG%2FNK8XOqqntUOfkzYRITFVYYhEgPFmaq70MRWV60OYF10d6B2CDZUM7AhVIQeAcduoI8TVVfPtxAcG9XdDFGlTeCXfmmyZQGTDXqJ3tkcCsmxKiAUSTFL7k1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 82d9c2543d717129-OSL
content-encoding: br
flu67r7.rdaj8.ru/web2/assets/css/pages.min.css?cb=1701249466575
188.114.96.1 200 OK 17 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/css/pages.min.css?cb=1701249466575
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type ASCII text, with very long lines (17014), with no line terminators
Hash 4d38e2ffc538c11f0dca9cb2ad6ca08a
400ca5c484a88f9a91a1d1439e5f51a621ad3eaa
6b14e6f4239ef85c9180a099263a041df2b82bd65a245e72cca365cbd5e88fa8
GET /web2/assets/css/pages.min.css?cb=1701249466575 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 13:29:30 GMT
etag: W/"4276-6091742db8c68"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuNF0MrnpGJcjZwUHXOlBqxM7NDY8gVMQhwQ1bhbqeBVbw9%2BQIPS1fO4fQQ3SVSd2PYjt7Sy71NaXvPn1Rzw%2Fh%2BMqAF76T8i3heMVzoAQB1ME%2FK2Do5pjc1b6Q%2BNsiLxzQo3HlI1uzdMm1qbcgxigM6JoGVyxLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 82d9c2543d6d7129-OSL
content-encoding: br
flu67r7.rdaj8.ru/web2/assets/css/pages-godaddy.css?cb=1701249466575
188.114.96.1 200 OK 38 kB URL GET HTTP/3 flu67r7.rdaj8.ru/web2/assets/css/pages-godaddy.css?cb=1701249466575
IP 188.114.96.1:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Google Trust Services LLC
Subject rdaj8.ru
Fingerprint 42:07:C1:C9:CE:B0:7B:BB:AF:01:98:87:D3:D6:7C:D5:1C:49:DA:FD
Validity Wed, 11 Oct 2023 20:51:46 GMT - Tue, 09 Jan 2024 20:51:45 GMT
File type ASCII text, with very long lines (1437), with CRLF line terminators
Hash d7c87990c89310fcf5a9d4deb542a902
3ed17c7eaf31bb310798ec719b8d93db8a7316f8
709724756ac73892ac3709ec162d48f0aa2a94399d3d86a5df0cf5600be58513
GET /web2/assets/css/pages-godaddy.css?cb=1701249466575 HTTP/1.1
Host: flu67r7.rdaj8.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/EUWst83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: text/css
last-modified: Mon, 09 Oct 2023 21:26:59 GMT
etag: W/"954d-6074f4019072e"
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXbCxCjUQD9qwAICHGGUbtgb1bXqW3Q4CsSts0ub%2FhC5p44w%2B33GwVaYWi1Sb2LOzbRlPwoK0DHlwPdmYaLLm%2Bw5MXSRWnZh%2FZraZZzasT%2FyXPjhzQMWK6hmSe%2BgxQ4Hy3k5iRlHKG9kYV8m0AuRRN71e8B8H5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 82d9c2543d6e7129-OSL
content-encoding: br
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
104.17.3.184 200 OK 73 kB URL GET HTTP/3 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal
IP 104.17.3.184:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Cloudflare, Inc.
Subject challenges.cloudflare.com
Fingerprint 5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
Validity Fri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40091)
Hash 03534bd96d779192fea3ee8279fc5cc1
314c0955da258dc6cfdb27929925838dee72a367
b5b8ae9a3d7e1e6c1169c7bb7784653200e736e4d23f44a863cbcc489704eae1
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/l9cf2/0x4AAAAAAAMmvgR_VQHWMACK/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 09:17:42 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
cf-ray: 82d9c255fd3f568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.socket.io/4.6.0/socket.io.min.js
143.204.55.40 200 OK 46 kB URL GET HTTP/2 cdn.socket.io/4.6.0/socket.io.min.js
IP 143.204.55.40:443
Requested by https://flu67r7.rdaj8.ru/EUWst83#lmcneil@iiroc.ca
Certificate Issuer Amazon
Subject cdn.socket.io
Fingerprint BB:7D:4E:26:70:F6:06:2A:12:E9:92:A8:F1:9F:CD:82:0B:BF:48:ED
Validity Sun, 22 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT
File type ASCII text, with very long lines (45667)
Hash 80f5b8c6a9eeac15de93e5a112036a06
f7174635137d37581b11937fc90e9cb325077bce
0401de33701f1cad16ecf952899d23990b6437d0a5b7335524edf6bdfb932542
GET /4.6.0/socket.io.min.js HTTP/1.1
Host: cdn.socket.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flu67r7.rdaj8.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="socket.io.min.js"
content-encoding: gzip
date: Fri, 27 Oct 2023 10:49:06 GMT
etag: W/"80f5b8c6a9eeac15de93e5a112036a06"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::bqgb5-1698403746025-0e8d119dc2bf
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AQ2sWHtLIlW2Cmq80RdMNAOnyuCEwpiyFfeTg928_H2awmGgL2PA9A==
age: 3235184
X-Firefox-Spdy: h2