| m.exactag.com/ai.aspx?tc=d9178686bc40b07205bbd26a23a8d2e6b6b4f9&url=http:nolongerdreaming.net/luli/19052//bmF0ZS5zdGVwaGVuc0B1c3UuZWR1 | 213.202.235.10 | | 0 B |
URL m.exactag.com/ai.aspx?tc=d9178686bc40b07205bbd26a23a8d2e6b6b4f9&url=http:nolongerdreaming.net/luli/19052//bmF0ZS5zdGVwaGVuc0B1c3UuZWR1 IP213.202.235.10:0 ASN#24961 myLoc managed IT AG
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ai.aspx?tc=d9178686bc40b07205bbd26a23a8d2e6b6b4f9&url=http:nolongerdreaming.net/luli/19052//bmF0ZS5zdGVwaGVuc0B1c3UuZWR1 HTTP/1.1
Host: m.exactag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html; charset=iso-8859-1
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Di, 30 Apr 2024 03:32:16 GMT
Location: http:nolongerdreaming.net/luli/19052//bmF0ZS5zdGVwaGVuc0B1c3UuZWR1
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Max-Age: 1000
Access-Control-Allow-Headers: *
X-ET-Code: 20
X-ET-Camp: 0
X-ET-Monitoring: 1
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Strict-Transport-Security: max-age=31536000
Date: Tue, 30 Apr 2024 15:32:15 GMT
Connection: close
Content-Length: 0
cross-origin-resource-policy: cross-origin
X-Xss-Protection: 0
X-Content-Type-Options: nosniff
|
|
| nolongerdreaming.net/luli/19052//bmF0ZS5zdGVwaGVuc0B1c3UuZWR1 | 69.49.245.172 | | 0 B |
URL nolongerdreaming.net/luli/19052//bmF0ZS5zdGVwaGVuc0B1c3UuZWR1 IP69.49.245.172:0 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /luli/19052//bmF0ZS5zdGVwaGVuc0B1c3UuZWR1 HTTP/1.1
Host: nolongerdreaming.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 30 Apr 2024 15:32:16 GMT
Server: Apache
refresh: 0;url=https://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback | 104.17.3.184 | 302 Found | 0 B |
URL GET HTTP/2challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP104.17.3.184:443
Requested byhttps://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 30 Apr 2024 15:32:17 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/d0ff3ebede6b/api.js
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 87c8956afc525694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:18 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87c8956d7dc4b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js | 104.17.3.184 | 200 OK | 22 kB |
URL GET HTTP/2challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js IP104.17.3.184:443
Requested byhttps://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (42565) Hash65b0a652c40c95d12c4ddb3b4567c1ea c654efa19d01d6553ed4e0f500d350011e023ad1 c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7
GET /turnstile/v0/g/d0ff3ebede6b/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 15:32:17 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87c8956b2ca75694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87c8956c3c16b500/1714491138531/AFwVI3Ba3i77rV9 | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87c8956c3c16b500/1714491138531/AFwVI3Ba3i77rV9 IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 83 x 94, 8-bit/color RGB, non-interlaced Hash4d932eb71fd2fec7ce0c963e73af2694 993bb77b0e812b18d8d21252b69ff404cae02f2c e46767420811dcad54a9485e9a100566ad05c3309b2e58f9667a061e7bb44a97
GET /cdn-cgi/challenge-platform/h/g/i/87c8956c3c16b500/1714491138531/AFwVI3Ba3i77rV9 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:19 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87c89577ab04b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1538632824:1714490224:cwk_P_dCNb7_BCMd4_RU20tWMzrW7XUWlf0pzLefINM/87c8956c3c16b500/1b980e911e61d20 | 104.17.3.184 | | 127 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1538632824:1714490224:cwk_P_dCNb7_BCMd4_RU20tWMzrW7XUWlf0pzLefINM/87c8956c3c16b500/1b980e911e61d20 IP104.17.3.184:0
CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size127 kB (126646 bytes) Hash52bce62940406b0d035345233096de80 2f2e1ca67e705e0a69f8dbcd91f443335a7e2f57 40ef2fac0c5800876c7176a3871ae76fb93b708c1b4f70d52f7b0b27fd785ce8
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1538632824:1714490224:cwk_P_dCNb7_BCMd4_RU20tWMzrW7XUWlf0pzLefINM/87c8956c3c16b500/1b980e911e61d20 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 1b980e911e61d20
Content-Length: 2651
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:18 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 0N2/O5nB/0K6CNhuOC2z1K+SN7dEshk2+pQ5AU+O07Gm1OnZVOSf2QxTiP37pRpXPt6AgggJ9KOCMLTcAXgo6K7FQusPsRsMMUCT1qTWC7qDyz6Eb0iJQ3pOG4fcBG8JxqzS5gEitpS1KD+truP5walFuKEKcJ/1s+xCCvWEd7Dtj3o/W6onemCu4/ayhlRkg2Ipkp3KAQzPpuLF/oBdPDqqE3wN0883/z6zrni5lYKGsDn0Gh5fexD3fwdFmFxUPwnxlaSl5r47FiI+iJjDSvq4sX1gjoei+wome5OfzZjYwba92y5TT1dUWYFJi2+VsEBpyiMcgqJrcLN8cBUK6r+tDe7W3jnj0xGiAxdUvlZdJ1DWw1UD0XI/b2hNdc++dE/ODycHnQ4M0V7eHY87WZWuu927kTYiNERTsDLciNDeYJxL7Uk+yvCiZY9AFurHcH0ZGONiRktftOMUlHrtB7Co7VwY6jY93UAi8Fpp4+w=$oxu6QEv7VoU1c28Fg77WOQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87c8956fb8d2b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal | 104.17.3.184 | 200 OK | 36 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal IP104.17.3.184:443
Requested byhttps://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hashbfef5dd3dff55fa2c2b66c5109f0a9ae 361b665e3204fa24fc405f75990500ba625e42d6 a315ec8936eb04768ca32ba2fdcc24a0d24195dd939aef5b39f097325b833da6
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:17 GMT
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cross-origin-embedder-policy: require-corp
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
document-policy: js-profiling
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87c8956c3c16b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal | 104.17.3.184 | 200 OK | 26 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal IP104.17.3.184:443
Requested byhttps://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (41702) Hash2091b7329ba4c59c3c2c9a4273849a46 c20c5863b3cf7893101f9bee6581c98f178bad1a d917292cdd8a6152db9d098ea035ef7992fff5198f14c5a2a467d7b2a422793d
GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:34 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
document-policy: js-profiling
vary: accept-encoding
server: cloudflare
cf-ray: 87c895d1691cb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87c895d1691cb500 | 104.17.3.184 | 200 OK | 170 kB |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87c895d1691cb500 IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size170 kB (169910 bytes) Hash137b98b4767e3bb8cfd8c00c7f122420 7e07ea1518e71e1c3f656055c86079d3b241ac92 583b5664a193d6eed985df0e64e24c2fff1b2b9f0a072fdf3fc05806a3a20cd4
GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=87c895d1691cb500 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:34 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 87c895d1b989b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87c895d1691cb500/1714491154514/a08CkX9HQgst6bK | 104.17.3.184 | 200 OK | 61 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87c895d1691cb500/1714491154514/a08CkX9HQgst6bK IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typePNG image data, 40 x 3, 8-bit/color RGB, non-interlaced Hash216f171f094b720ce78bfbbe8cc5e78d f06ae1845f1c1de073215917c6375544675ca2c5 ca04373b3ac09719551b6b9e0c9772e15a895057c8bbac0019517b2d1e1eb49f
GET /cdn-cgi/challenge-platform/h/g/i/87c895d1691cb500/1714491154514/a08CkX9HQgst6bK HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:36 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87c895dea800b500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu | 104.21.89.237 | 200 OK | 3.3 kB |
URL User Request GET HTTP/2c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu IP104.21.89.237:443
CertificateIssuerGoogle Trust Services LLC Subjectfc0515091dac5f370ac4c65d.workers.dev Fingerprint95:74:11:F2:78:3F:DC:E4:FF:70:C9:40:EA:AF:59:49:CA:5A:52:F5 ValidityMon, 29 Apr 2024 11:40:30 GMT - Sun, 28 Jul 2024 11:40:29 GMT
File typeHTML document, ASCII text, with very long lines (3271), with no line terminators Hash17f1ca9e8199ed38781246c0b801ba63 ab3f4751212c94e47d1981452b971dad74c6c1d9 35cc5d6389343b7612f77553aa9598488cb062c5aac6d9ebb7620d565e2890d5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook |
GET /?qrc=nate.stephens@usu.edu HTTP/1.1
Host: c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 15:32:17 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bxt0LAIsCwmik7MPO88vKv5IwEFsavC1%2FbpjxhyZnNCwsRNrl8ajpL%2FaOFz3Fp8qsPhBT8f%2Fy37BmYeZC5EKBfzIetahW7vxpIO%2FjQFD0gXxSXYA3WlsVgMi%2FlffBAXv4CQX8ehfn72dtyYEtdHLmX4JFQ58sL4Q6S0Knyv7sBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87c895693fec56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/favicon.ico | 104.21.89.237 | 200 OK | 3.3 kB |
URL GET HTTP/3c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/favicon.ico IP104.21.89.237:443
Requested byhttps://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu CertificateIssuerGoogle Trust Services LLC Subjectfc0515091dac5f370ac4c65d.workers.dev Fingerprint95:74:11:F2:78:3F:DC:E4:FF:70:C9:40:EA:AF:59:49:CA:5A:52:F5 ValidityMon, 29 Apr 2024 11:40:30 GMT - Sun, 28 Jul 2024 11:40:29 GMT
File typeHTML document, ASCII text, with very long lines (3271), with no line terminators Hash17f1ca9e8199ed38781246c0b801ba63 ab3f4751212c94e47d1981452b971dad74c6c1d9 35cc5d6389343b7612f77553aa9598488cb062c5aac6d9ebb7620d565e2890d5
GET /favicon.ico HTTP/1.1
Host: c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://c1e00dd7.fc0515091dac5f370ac4c65d.workers.dev/?qrc=nate.stephens@usu.edu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:17 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VxysaCEjXu7SPQGH%2F%2B702CSnB2IlyED5aga0JtamyaabU8Ae1%2FwucTYqSdPEb2EZIno9Ozb9zIDje1m4VbbaxtqSQWK6ckSttd%2F4glPbETRBcN1M3nsb8n%2Fd8bk4AoNn2PwuYOrOyOs9VYnkd%2BZHQIl6ST64uHorNktAay7Ono%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87c8956becd356ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87c895d1691cb500/1714491154512/b813b29bbad7ca0d6b3bcfc159cf4371e8b86c9c05e89b8f8416b267695f2c65/0C03o-BJP0em-1m | 104.17.3.184 | 401 Unauthorized | 1 B |
URL GET HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87c895d1691cb500/1714491154512/b813b29bbad7ca0d6b3bcfc159cf4371e8b86c9c05e89b8f8416b267695f2c65/0C03o-BJP0em-1m IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/g/pat/87c895d1691cb500/1714491154512/b813b29bbad7ca0d6b3bcfc159cf4371e8b86c9c05e89b8f8416b267695f2c65/0C03o-BJP0em-1m HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Tue, 30 Apr 2024 15:32:36 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20guBOym7rXyg1rO8_BWc9Dcei4bJwF6JuPhBayZ2lfLGUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tILgTspu618oNazvPwVnPQ3HouGycBeibj4QWsmdpXyxlABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87c895de4facb500-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1778455210:1714490040:unKosN4mODsJn8SRyzhPrBxF944QcpR0e6kBp7UMOTQ/87c895d1691cb500/0d3794c5c80e57f | 104.17.3.184 | 200 OK | 22 kB |
URL POST HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1778455210:1714490040:unKosN4mODsJn8SRyzhPrBxF944QcpR0e6kBp7UMOTQ/87c895d1691cb500/0d3794c5c80e57f IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (22300), with no line terminators Hash1222f3c5d78361b4f132678c36f60ac3 2dbc4f20a5cbba8936b8c144c98f97e69e0af43a 930d4ac5d3b8bf527c33172e6cc4accc8ef085182f8d96c4b790f37ed4d44523
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1778455210:1714490040:unKosN4mODsJn8SRyzhPrBxF944QcpR0e6kBp7UMOTQ/87c895d1691cb500/0d3794c5c80e57f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0d3794c5c80e57f
Content-Length: 27561
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:36 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: oL9mdO2Mj2zOptm0l20HirYmDi9v3CFJcR1/R7PRHlbd4bq3wzMssmZRZtWKRWrs$wUaaLN/FkKhSVCCxU2x7DQ==
vary: accept-encoding
server: cloudflare
cf-ray: 87c895dfea26b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1778455210:1714490040:unKosN4mODsJn8SRyzhPrBxF944QcpR0e6kBp7UMOTQ/87c895d1691cb500/0d3794c5c80e57f | 104.17.3.184 | 200 OK | 125 kB |
URL POST HTTP/3challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1778455210:1714490040:unKosN4mODsJn8SRyzhPrBxF944QcpR0e6kBp7UMOTQ/87c895d1691cb500/0d3794c5c80e57f IP104.17.3.184:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal CertificateIssuerCloudflare, Inc. Subjectchallenges.cloudflare.com Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size125 kB (124728 bytes) Hash11a7a7e0019528bf1133965fd0c9d5cc 9f037311258c728402cfdf60c6db67db82d1995e 5c4185ea66ddb9ce82df47641faca7516bbeb052f2b379241da0903c3c918cdf
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1778455210:1714490040:unKosN4mODsJn8SRyzhPrBxF944QcpR0e6kBp7UMOTQ/87c895d1691cb500/0d3794c5c80e57f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/42BoqtBW7FWf6hi/e508v/0x4AAAAAAAYrxK8EeotcS1Vq/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 0d3794c5c80e57f
Content-Length: 2666
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 15:32:34 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: FUAE2rXCQegpQfqkIxA4dTwLkMDmGp0ex2gEc/+0Ur1yt6YZ1Enrz8TDmXV+rDfFaSySluPNKY2U5aWuzTHn1m48BSPnLViUL4Mf6k0O3X4P/OejHRRIlrAw7dLoUDklfQkA7ed/MH7tBEQhdNZRbZHEA0boRaPyMYfB3Ry/+BXGdSSQ6Wh+PRZmw/dVCHPoUu8WclKSuq7Tg9oLSFgOXsL5BgRBrsN8XCgyxqm3jPBEyEr/pe4cMmXLYQDEmwi8pfD73iaxSbzVCrN/JHiIYG2rhWzayZNIbLx/MycTDcHHFogKBAO/d9ZQns4Ft9uehLAOY36RzKzfbW+JmPLOwW7fLSMg5HNPCuCdErghPFOwT9P7oOb8jSlC27kSj6Dha/b66Y6i4eBDV9Qp3cY86GFgDcinP31iI6ZgSSUgxDwHMWQTh7RKTHnf23SW3Ac15P5xBkVtVjc9zr2Ttw3j636tkRyJD0tOmFXfdcof2Rk=$E3e5j3aVmj0LS3W3FrHUXA==
vary: accept-encoding
server: cloudflare
cf-ray: 87c895d39bebb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|