| hr.economictimes.indiatimes.com/etl.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20= | 23.36.79.16 | 302 Found | 0 B |
URL User Request GET HTTP/2hr.economictimes.indiatimes.com/etl.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20= IP23.36.79.16:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectlangdev.indiatimes.com Fingerprint66:C2:55:F6:27:C5:28:FF:79:25:88:6E:48:88:48:32:E0:C2:40:F2 ValidityMon, 08 Apr 2024 15:13:35 GMT - Sun, 07 Jul 2024 15:13:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etl.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20= HTTP/1.1
Host: hr.economictimes.indiatimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: optout=1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: Bhoot
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-origin: *
pragma: no-cache
location: ./etlr.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=
x-cool: 22.59
content-language: en
access-control-allow-credentials: true
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, must-revalidate
expires: Wed, 08 May 2024 14:52:37 GMT
date: Wed, 08 May 2024 14:52:37 GMT
set-cookie: PHPSESSID=3a0f7e118d80af0ea003a3e0e6da033a; expires=Wed, 15-May-2024 14:52:37 GMT; Max-Age=604800; path=/; secure; HttpOnly
pmUsr=1715179957; expires=Thu, 08-May-2025 15:59:17 GMT; Max-Age=31540000; path=/; secure; HttpOnly; SameSite=None
x-frame-options: sameorigin, SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| hr.economictimes.indiatimes.com/etlr.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20= | 23.36.79.16 | 302 Found | 0 B |
URL User Request GET HTTP/2hr.economictimes.indiatimes.com/etlr.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20= IP23.36.79.16:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectlangdev.indiatimes.com Fingerprint66:C2:55:F6:27:C5:28:FF:79:25:88:6E:48:88:48:32:E0:C2:40:F2 ValidityMon, 08 Apr 2024 15:13:35 GMT - Sun, 07 Jul 2024 15:13:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etlr.php?url=https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20= HTTP/1.1
Host: hr.economictimes.indiatimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: optout=1; PHPSESSID=3a0f7e118d80af0ea003a3e0e6da033a; pmUsr=1715179957
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: Bhoot
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-origin: *
pragma: no-cache
location: https://hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign=
x-cool: 22.58
content-language: en
access-control-allow-credentials: true
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, must-revalidate
expires: Wed, 08 May 2024 14:52:38 GMT
date: Wed, 08 May 2024 14:52:38 GMT
set-cookie: hr_subscription_source=email; expires=Wed, 15-May-2024 14:52:38 GMT; Max-Age=604800; path=/
hr_pop_user_sub=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-frame-options: sameorigin, SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign= | 23.36.79.16 | 302 Found | 0 B |
URL User Request GET HTTP/2hr.economictimes.indiatimes.com/etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign= IP23.36.79.16:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectlangdev.indiatimes.com Fingerprint66:C2:55:F6:27:C5:28:FF:79:25:88:6E:48:88:48:32:E0:C2:40:F2 ValidityMon, 08 Apr 2024 15:13:35 GMT - Sun, 07 Jul 2024 15:13:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etl.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign= HTTP/1.1
Host: hr.economictimes.indiatimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: optout=1; PHPSESSID=3a0f7e118d80af0ea003a3e0e6da033a; pmUsr=1715179957; hr_subscription_source=email
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: Bhoot
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-origin: *
pragma: no-cache
location: ./etlr.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign=
x-cool: 55.26
content-language: en
access-control-allow-credentials: true
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, must-revalidate
expires: Wed, 08 May 2024 14:52:38 GMT
date: Wed, 08 May 2024 14:52:38 GMT
set-cookie: pmUsr=1715179958; expires=Thu, 08-May-2025 15:59:18 GMT; Max-Age=31540000; path=/; secure; HttpOnly; SameSite=None
x-frame-options: sameorigin, SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| hr.economictimes.indiatimes.com/etlr.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign= | 23.36.79.16 | 302 Found | 0 B |
URL User Request GET HTTP/2hr.economictimes.indiatimes.com/etlr.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign= IP23.36.79.16:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectlangdev.indiatimes.com Fingerprint66:C2:55:F6:27:C5:28:FF:79:25:88:6E:48:88:48:32:E0:C2:40:F2 ValidityMon, 08 Apr 2024 15:13:35 GMT - Sun, 07 Jul 2024 15:13:34 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etlr.php?url=https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=&utm_source=promotions&utm_medium=email&utm_campaign= HTTP/1.1
Host: hr.economictimes.indiatimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: optout=1; PHPSESSID=3a0f7e118d80af0ea003a3e0e6da033a; pmUsr=1715179958; hr_subscription_source=email
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: Bhoot
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-origin: *
pragma: no-cache
location: https://landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=?utm_source=promotions&utm_medium=email&utm_campaign=
x-cool: 22.55
content-language: en
access-control-allow-credentials: true
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, must-revalidate
expires: Wed, 08 May 2024 14:52:38 GMT
date: Wed, 08 May 2024 14:52:38 GMT
set-cookie: hr_subscription_source=email; expires=Wed, 15-May-2024 14:52:38 GMT; Max-Age=604800; path=/
hr_pop_user_sub=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-frame-options: sameorigin, SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=?utm_source=promotions&utm_medium=email&utm_campaign= | 192.185.84.87 | 200 OK | 149 B |
URL User Request GET HTTP/2landvape.com//linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=?utm_source=promotions&utm_medium=email&utm_campaign= IP192.185.84.87:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
CertificateIssuerLet's Encrypt Subject*.landvape.com Fingerprint48:AE:A3:DE:14:8A:7A:BC:2B:C3:83:C9:82:8E:32:47:D3:BC:8A:BE ValiditySun, 05 May 2024 01:24:22 GMT - Sat, 03 Aug 2024 01:24:21 GMT
File typeHTML document, ASCII text Hash9a34969d0dd06c7400c02a90e47f804f f1e160abf1a6c71511bbc4a2cedf2b55c3e3b52e 94d66bcacfe6a34116f8534c191d3c04173036bee8a39be5782bbd6f246de5dc
GET //linkedin.com/linkedin.com/linkedin.com/linkedin.com/linkedin.com/Supdepus/YXN0ZXBoZW5zQHByaW1lZmluYW5jZS5jb20=?utm_source=promotions&utm_medium=email&utm_campaign= HTTP/1.1
Host: landvape.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=0216d2ce7d748ddd6bb76501454ef6a9; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 149
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 14:52:39 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.3.184:0
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lw9h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:40 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880a4661cf8c56aa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/880a46614ef156aa/1715179960931/c681417302e85fba49fefe16dbef2eb1328713e087b9aa076d70b1a5478b909e/9ieDxWAOjm7vZdO | 104.17.3.184 | | 1 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/880a46614ef156aa/1715179960931/c681417302e85fba49fefe16dbef2eb1328713e087b9aa076d70b1a5478b909e/9ieDxWAOjm7vZdO IP104.17.3.184:0
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/880a46614ef156aa/1715179960931/c681417302e85fba49fefe16dbef2eb1328713e087b9aa076d70b1a5478b909e/9ieDxWAOjm7vZdO HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lw9h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Wed, 08 May 2024 14:52:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gxoFBcwLoX7pJ_v4W2-8usTKHE-CHuaoHbXCxpUeLkJ4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMaBQXMC6F-6Sf7-FtvvLrEyhxPgh7mqB21wsaVHi5CeABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 880a466d0ece56aa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880a46614ef156aa/1715179960937/WbMOjD23mxygyqo | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880a46614ef156aa/1715179960937/WbMOjD23mxygyqo IP104.17.3.184:0
File typePNG image data, 3 x 98, 8-bit/color RGB, non-interlaced Hashea60cf086a76b05999f4773720c42b0c aa092d7e1423e5da58b3787719f45ff36bb08ae5 4a43e4ab827b0e0cfcee099548b56048415fe32eff7b133908f87d1b70715090
GET /cdn-cgi/challenge-platform/h/b/i/880a46614ef156aa/1715179960937/WbMOjD23mxygyqo HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lw9h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:42 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 880a466e992c56aa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1532707461:1715178763:CyDPusLpbWkGX9v_MTvZlNP2t78QnwKMcTqI0pH-Pqo/880a46614ef156aa/b5c78c632ab7361 | 104.17.3.184 | | 25 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1532707461:1715178763:CyDPusLpbWkGX9v_MTvZlNP2t78QnwKMcTqI0pH-Pqo/880a46614ef156aa/b5c78c632ab7361 IP104.17.3.184:0
File typeASCII text, with very long lines (22280), with no line terminators Hash2ca4807bc35abb05c1af6b45f1482bd9 11bb05ccb72e414e805d39d4623b86d1243866a2 3c74ade48db9cf8f2a78168d0cd9f4d261658a5b954fd9eaad5a6e1127f4e74c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1532707461:1715178763:CyDPusLpbWkGX9v_MTvZlNP2t78QnwKMcTqI0pH-Pqo/880a46614ef156aa/b5c78c632ab7361 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lw9h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: b5c78c632ab7361
Content-Length: 28924
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:43 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 1T9qebi2zmNsFxgVspOfkIWlEJXvRKsTruycIXQQhBNKgwGHCvpefFYz5El+6zlj$/X9xiJYxuDhLAAH+6JvQaw==
vary: accept-encoding
server: cloudflare
cf-ray: 880a46731fba56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/jq/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c4625 | 104.21.44.43 | 200 OK | 42 kB |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/jq/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c4625 IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jq/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c4625 HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:50 GMT
content-type: text/javascript
last-modified: Mon, 06 May 2024 11:39:52 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNFq7IF970ZvoL6zNZzwJyx%2BugNWrqKBpuuvmWF2FcUmkKsZhbMriEzVLKy1CtUKnM4ossWCHRKcc79FuTo8eQDPXw0TpzNI1jNSa1YjQdzNlIbEyNXm5l5%2B2mRvZTFh6xjwZuMfYCmrOG7T8dAPvopnaJ1rI29Dgi53rC73IOjoebZKDwMnaq6ffdsU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a239c0568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/boot/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c4628 | 104.21.44.43 | 200 OK | 24 kB |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/boot/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c4628 IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeJavaScript source, ASCII text, with very long lines (50758) Hash67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /boot/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c4628 HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:51 GMT
content-type: text/javascript
last-modified: Mon, 06 May 2024 11:39:52 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=92BDEDHy8uY7ygPz7kKBdfsZzDjJ0ljR2pjPa%2BNQ03OZNyVmq04adluIDHuRHnuLEQHxBZzJWoUFVjT0Dp0hmHueaPht3j8dcvsglMFDnQKfNdFvoSPsRJTePQoRs%2Bc6FIpsgknODu1aXRgvQ5L%2B1qHADR6nt7XzBCogR4FTmExsC1g%2FyrI0ME46aR8W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a239c3568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aadcdn.msauthimages.net/dbd5a2dd-kwkxi3xopc43mcv5ir2c5eulq1kolksfdmm5fc04agu/logintenantbranding/0/illustration?ts=637230921794590331 | 152.199.21.175 | 200 OK | 262 kB |
URL GET HTTP/2aadcdn.msauthimages.net/dbd5a2dd-kwkxi3xopc43mcv5ir2c5eulq1kolksfdmm5fc04agu/logintenantbranding/0/illustration?ts=637230921794590331 IP152.199.21.175:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5 ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], progressive, precision 8, 1920x1081, components 3 Size262 kB (262493 bytes) Hash4731b2cd4aa6dd1ca94d10c8c3eedd80 d328359718363fe8ec4a12fd2d17be504577f4f8 6f9115f27d860da0887e6d532cce9841575dad1a4cc1adfe80b680d5b3e1b8ef
GET /dbd5a2dd-kwkxi3xopc43mcv5ir2c5eulq1kolksfdmm5fc04agu/logintenantbranding/0/illustration?ts=637230921794590331 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
content-md5: RzGyzUqm3RypTRDIw+7dgA==
content-type: image/*
date: Wed, 08 May 2024 14:52:53 GMT
etag: 0x8D7E625AE30C0D8
last-modified: Tue, 21 Apr 2020 18:56:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 8d580b0d-d01e-001f-6a57-a1f0e6000000
x-ms-version: 2009-09-19
content-length: 262493
X-Firefox-Spdy: h2
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/favicon.ico | 104.21.44.43 | 404 Not Found | 315 B |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/favicon.ico IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeHTML document, ASCII text, with very long lines (326), with no line terminators Hash97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
GET /favicon.ico HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 08 May 2024 14:52:51 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUNKESCzTZtJ4sAUqkW%2BsM4KwJFKV42LVTn0%2BgHum%2BqtCnz3j39qh77GuMXCReXTKILuAhZrphD1AqykYzUNkwHqVUz4g5bh1rB3WtKW6jGgJnLvymq63wA5ZiynwOb0rHVBXzmgeuXuZvIh60uuWxc7qKDtZovpMNxLoJfPU6yFguPfkC33DV87xswZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a46a7a881568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/e/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53f2 | 104.21.44.43 | 200 OK | 513 B |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/e/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53f2 IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeSVG Scalable Vector Graphics image Hashadc405f5fd089662209870ca5d2106f7 3a8b776df84bf251afc6ddd802cc5bbeddfb0e36 e7bacc97751689afaae192e103fe9851664365c57c7d783560860ad456db7e49
GET /e/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53f2 HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:51 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 11:39:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00zpoinoLdH1SmxvnyqUny5oJW35JTO9mVcP%2F6CgqqasOv2QarOOydphE7BGj4aZvj5LaTpggJYA9Rb6z6L3nVnGwh91PJJzYw2OtGst5gdXkgAJwijLJfCByl1N2KORqHcumL851dvbbHlz%2FFRXHMKYcfFm7pGv3%2F2PHYIlW0%2FdI%2FSKhIfSapHsN6ri"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a7b898568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aadcdn.msauthimages.net/dbd5a2dd-kwkxi3xopc43mcv5ir2c5eulq1kolksfdmm5fc04agu/logintenantbranding/0/bannerlogo?ts=637230217693165944 | 152.199.21.175 | 200 OK | 5.1 kB |
URL GET HTTP/2aadcdn.msauthimages.net/dbd5a2dd-kwkxi3xopc43mcv5ir2c5eulq1kolksfdmm5fc04agu/logintenantbranding/0/bannerlogo?ts=637230217693165944 IP152.199.21.175:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerMicrosoft Corporation Subjectaadcdn.msauthimages.net Fingerprint3B:14:C7:84:64:65:A8:46:3C:B4:7E:B7:F2:A1:AF:6B:8F:EF:17:E5 ValidityThu, 11 Jan 2024 12:14:02 GMT - Sun, 05 Jan 2025 12:14:02 GMT
File typePNG image data, 231 x 60, 8-bit/color RGBA, non-interlaced Hash8789120774c31f112ebba31db24f80e5 5c7456809a3cc09926c36aaa432dce19f6c08e20 b268b70cbd02413aa5b110f64ea3989f334032b1ccedafd108bdf6ead249a8ec
GET /dbd5a2dd-kwkxi3xopc43mcv5ir2c5eulq1kolksfdmm5fc04agu/logintenantbranding/0/bannerlogo?ts=637230217693165944 HTTP/1.1
Host: aadcdn.msauthimages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 117
cache-control: public, max-age=86400
content-md5: h4kSB3TDHxEuu6Mdsk+A5Q==
content-type: image/*
date: Wed, 08 May 2024 14:52:52 GMT
etag: 0x8D7E581BE4D3796
last-modified: Mon, 20 Apr 2020 23:22:50 GMT
server: ECAcc (ska/F6D1)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 7d085efc-501e-004c-0557-a1d3d2000000
x-ms-version: 2009-09-19
content-length: 5141
X-Firefox-Spdy: h2
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/o/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53eb | 104.21.44.43 | 200 OK | 3.7 kB |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/o/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53eb IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeSVG Scalable Vector Graphics image Hashd633a913e6f3b1f45774b9874dfc85e0 5ba1344048578062c93cfddfdf8458477eaca476 c1fbfbd9a81fc4d9c9539a65bdfb4c6738926b8d4681b0346706196413e92714
GET /o/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53eb HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:51 GMT
content-type: image/svg+xml
last-modified: Mon, 06 May 2024 11:39:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w58U7disosz61fmoV7z1ZKR1ukHguohviGf7RaVid%2BmOoOrBeV%2BF288c9BKtoOu2xxgxB4aLSFcj54RX%2BgzZwEiMywiabcyX8Idt%2FPBjyolss%2Fibfbsmy7kumzjURg828qXZiULUIqZHc1HyX5V8HTAfN%2FCyce2QLyO0iYu%2Bb7fA3I3qPJwMnauxXhIm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a7b88e568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/2 | 104.21.44.43 | 200 OK | 37 kB |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/2 IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2 HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:51 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ozz5YIMnhlw%2F7lB8IFjSWhEWdP2yoF3pauhvgDQDlo4%2BCddlVOGNRrOLAPdl9v6pCP4Ux3cQIcghSc2Vgfm7tx0akl89XujK6ynBs7c6gU0UJvmAjETDvl%2FTy%2Bo%2FNvIEE1WHvdl2dQWtE02bkU8PlBf3hwasyaetD8CpLL0tKNOMqfZe0D6cVHy%2Biurr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a72fed568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/APP-L5IRXW/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53b2 | 104.21.44.43 | 200 OK | 105 kB |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/APP-L5IRXW/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53b2 IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size105 kB (105369 bytes) Hash8e6b0f88563f9c33f78bce65cf287df7 ef7765cd2a7d64ed27dd7344702597aff6f8c397 a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
GET /APP-L5IRXW/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53b2 HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:52 GMT
content-type: text/css
last-modified: Mon, 06 May 2024 11:39:52 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJjgefoN2fZMJayYmUD5j%2FUgZAoFHwxH0qJGUXCsRTVY%2B4xmt7OkceDFrjPwZlc42KL1A9CWDI1ig2azTUwVnig5qb7hzLK%2FDhXJNhCRCfkpU24YyV1R9nxCXdL7IGgAVF%2FZs1dQzVpVFnuJpdHY3PPgoZHUD3WBtnushN%2FBh6bp8KCikHPoSWu7Snjn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a7d8e0568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/Tastephens@primefinance.com | 104.21.44.43 | 302 Found | 5.5 kB |
URL User Request POST HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/Tastephens@primefinance.com IP104.21.44.43:443
CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /Tastephens@primefinance.com HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/Tastephens@primefinance.com?__cf_chl_tk=e1ekBss0gzKnpKQPIaUdOH6v6FlLn3PXzHKGaOwu29A-1715179959-0.0.1.1-1685
Content-Type: application/x-www-form-urlencoded
Content-Length: 5201
Origin: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 14:52:50 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; Path=/; Expires=Thu, 08-May-25 14:52:49 GMT; Domain=.intermediaselections.com; HttpOnly; Secure; SameSite=None; Partitioned
PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyX1VcMCvxZCanLiOkugl6sfQYHAHmhicCHkdkzsPuLuqY4U4caBcWQIwtOVMCwMhHj1SodAetUpZwBuf%2FJ2YSNItbcrED58b1OHekQxfFCrAo%2BPB075BsPjWjrziAiNJM9xWYEYDHpGAe%2B3pTQQtl3x8YigkxtOX6xcV0rtR0QLDLDKSCr1Wu2%2B8t%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a469c395b568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 | 104.21.44.43 | 200 OK | 5.5 kB |
URL User Request GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 IP104.21.44.43:443
CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeHTML document, ASCII text, with very long lines (5541), with no line terminators Hash257e2dc5d79636d3f946f7df1e6af8e1 54513aacf508542fab90f144f4b42185c9efd5da 9ed46ad8e113f1f204bb675e8a2210a870c3f04fd94d1df58dd182d680a180b3
GET /beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/Tastephens@primefinance.com?__cf_chl_tk=e1ekBss0gzKnpKQPIaUdOH6v6FlLn3PXzHKGaOwu29A-1715179959-0.0.1.1-1685
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:50 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6nAxcOyWZwVkal5NlTle1JGP9yDiEV6ZUrvFPtQ6XOTcabok%2F7Qjjv1Ilu9yoEe8BUANLEjhlzK4rHUgUasl9yeB1bCBbAAJvx3CiBd8g29qitIQ%2B7J6sde6fyJQ%2FJu6PZrKmd5yVwJ2E3Np3KGSLjFEfFP39%2F%2FsEVA82AUS0HAAuaXup0TbTo9lw3B4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a14893568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unpkg.com/axios/dist/axios.min.js | 104.17.246.203 | 302 Found | 42 kB |
URL GET HTTP/2unpkg.com/axios/dist/axios.min.js IP104.17.246.203:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 14:52:50 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.6.8/dist/axios.min.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HXCAN53VV5EYVTZ1KTW5W09S-arn
cf-cache-status: HIT
age: 445
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880a46a28ede56bb-OSL
X-Firefox-Spdy: h2
|
|
| unpkg.com/axios@1.6.8/dist/axios.min.js | 104.17.246.203 | 200 OK | 42 kB |
URL GET HTTP/2unpkg.com/axios@1.6.8/dist/axios.min.js IP104.17.246.203:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerGoogle Trust Services LLC Subjectunpkg.com Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3 ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File typeJavaScript source, ASCII text, with very long lines (41442) Hash3b5b3d36fde8ffe8ed76b1efbfc65410 d63107d0912fdb387530d5ce2d512c928d73d122 29d600462a30694efd15b9848b4ca42d178cd067009275c35a30580121114304
GET /axios@1.6.8/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 14:52:51 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "a209-1jEH0JEv2zh1MNXOLVEsko1z0SI"
via: 1.1 fly.io
fly-request-id: 01HWR4SQ10CZK3T39W1B2GFCAN-arn
cf-cache-status: HIT
age: 677676
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880a46a2af0c56bb-OSL
X-Firefox-Spdy: h2
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/Tastephens@primefinance.com | 104.21.44.43 | 403 Forbidden | 17 kB |
URL User Request GET HTTP/2kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/Tastephens@primefinance.com IP104.21.44.43:443
CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeHTML document, ASCII text, with very long lines (16927), with no line terminators Hasheeefc359862af22834d2101a923ccbb7 86b125bfc7aed1ccfea45a6e409752283000e92d 5b4bd9f2cf2216bbdc621d621bbc8b0f8183fbe4dd07f83d853646a2b6df0b00
GET /Tastephens@primefinance.com HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landvape.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 08 May 2024 14:52:39 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: bpMiIdqkBwPlvwAKMbszZmypC4zr8vSltvBg98VEqIDfezgTwy3p7l0m33ZLaXozc1bwF0iPtdZfvsBl2jmvBRwqCy/xpOWJggtsJIxWTWlt9NMvTlSmz5RxTVjY8DTpwELYTsmLl5Vt3TRVbFeeTg==$+xyGGlEzQlfIxvvlHaKeCg==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTrIlToI%2BnuP5xSbYwBDjAuO4VL1fbpGNFLtNsPjFi3lPl9MK1qqzZy5oXFLcy8XCkFBx78EqfsQeTU7JbNplSJFhj1tzsmU8NyF1zZNLBG9RsseK8Wnr702swhaUGtrIQ7akl5nQRTkZONfXHQmysUUkTwsm7JN0adQoqp6NEntJOnoHWW6fmTqsJv%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a465d3ba0b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/jm/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c462a | 104.21.44.43 | 200 OK | 6.4 kB |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/jm/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c462a IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeJavaScript source, ASCII text, with very long lines (6376), with no line terminators Hash1e07a363eef4b40ab4a38d5e4371da5c 7351be2a378540a016aec380141927221a45f19b 01ba4de80540981fd34be681b5c1fce8b205e341ac6fa73a61817068ff566510
GET /jm/8d0888907e9f4ad176ac4ceca3abfcb5663b91c2c462a HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:51 GMT
content-type: text/javascript
last-modified: Mon, 06 May 2024 11:39:52 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDZ9fNk6V0D%2BVXl%2BXleKbPt79iNNgbeCJ7%2BpXkLIZe4%2B%2ByCFXPU%2FqOSmWtrMCpP%2BRTQHGhyaxYDWxs4gmW1Wyqnis64R0WodzmYF4fA8fw6Wz6UPogB41pvFKyI6TuyXRIJNuyfnRTvAYdxzGcNAiOWvrEVqX2z9Wv30F%2BSrOu5UsLCCZXeOrRmlgw2U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a249c5568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/api-as1f?email=astephens@primefinance.com&data=logo | 104.21.44.43 | 200 OK | 168 B |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/api-as1f?email=astephens@primefinance.com&data=logo IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashfea5826eec83580c484024b57c844c44 25c35f15e53e91d766ebcca9594395b0d086a517 15d292a35282c5200bbfe9335da3587cf6edfa84427408e4671b26203650edf4
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /api-as1f?email=astephens@primefinance.com&data=logo HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:52 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkqeHW0ztzCFms7eJYyMwmd3Sg94qgpMQ4%2BdUlEqOXr0iJAdajvdnEmDghYoFr1qQmGRgo%2FAmC7lt0fBcWk16l3DoZtqThbGyltB5our%2F2Wf1TUbxWJ36olhOy3%2Fq1JXnFOF5wy6HUrWXVafiePLhqvuu2WcsUvECNybrg7qPS%2BvSzRCnQN0q0FoFiHL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a7b8a4568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/api-as1f?email=astephens@primefinance.com&data=background | 104.21.44.43 | 200 OK | 176 B |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/api-as1f?email=astephens@primefinance.com&data=background IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashf05c377a9495f16830c3eaf955f13b56 374bddefb41565040c408eeb8b934b59dd303d51 94a278928204bcffd75b56a92cd400d0aeb72e13b3dae39499994b921f8c805d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /api-as1f?email=astephens@primefinance.com&data=background HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:53 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2JVW9YTldsdHDnx%2Bd3whabTTjvYYpe4M7R%2FTMHAJEoSyTaLc3YwPkl9fM3pwUp4xVoTk2SuRsOhCFtLrW%2BOiv2ef8BPZ515Ky12vP%2FkMty6o309cEvavHhNla31kVXlFOvwXFw1XRYeN1TqGC6JdgrwjLpWk%2FoABsTkSJDXMplkxtdTUSaUV0tp2MTg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46a7c8b3568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/ic/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53ac | 104.21.44.43 | 200 OK | 17 kB |
URL GET HTTP/3kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/ic/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53ac IP104.21.44.43:443
Requested byhttps://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089 CertificateIssuerLet's Encrypt Subjectintermediaselections.com Fingerprint4A:C7:E9:02:83:23:1D:7C:E2:55:F2:11:13:39:98:BD:CA:AB:0C:3E ValidityMon, 06 May 2024 10:19:46 GMT - Sun, 04 Aug 2024 10:19:45 GMT
File typeMS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Hash12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ic/8d0888907e9f4ad176ac4ceca3abfcb5663b91c3b53ac HTTP/1.1
Host: kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kdiiakfwpaknfoowrpkjaldoqalo03u1j.intermediaselections.com/beebb091955c06fa68b3eb8afc0bae51663b91c2b3087PASbeebb091955c06fa68b3eb8afc0bae51663b91c2b3089
Cookie: cf_clearance=VqQrorQoYojMzERmFAFz7rFkM8vZ1La5BES7xSaYI_w-1715179959-1.0.1.1-TH24oFeTUUrbtiAfyPJCFX.iBsvFqxJ3RqmCdJPHnGqwmgerqnQSl5fWj4x4.AWyPE5CCTlpm8OywBCAVQzZXw; PHPSESSID=fd5f5660d5b90fc1c615d54c5464bb89
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 14:52:52 GMT
content-type: image/x-icon
last-modified: Mon, 06 May 2024 11:39:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AEzhGbMar92JVMn%2BTcXQxd0m9ZQP24QjRUi4PqmzhSv%2FvjAuD1Lu94YR8jjEoVJR06M%2FH7mrSIFr%2BcYnUwh1pqHvY%2FFVFZUqvt9z0rk%2BqWPE3HSnzryfn911u6nuHqDcTc42uCT1T7HtwQRwFo0%2Ba1KG71ZuuJeVaT3qjtPP8O2ny9sjHRZsDzBWU0WR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a46aa6c4e568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|