Report - tukix.net/qp9sKz1A43Pt/news/9558afea3c46dee996399ff0985f4428/Y3JhaW53YXRlckBzb3V0aHBvaW50LmJhbms=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is

Report Overview

Submitted URL
tukix.net/qp9sKz1A43Pt/news/9558afea3c46dee996399ff0985f4428/Y3JhaW53YXRlckBzb3V0aHBvaW50LmJhbms=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true
IP
183.181.83.141
ASN
#131965 Xserver Inc.
Submitted
2024-04-16 14:34:24
Access
public
Website Title
Sign in to your account
Final URL
k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank
Tags
phishing microsoft outlook suspicious
urlquery detections
Phishing - Microsoft Outlook
Suspicious - Anti-debugging code

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
k3ed.icu	unknown	2024-04-12	2024-04-12	2024-04-16	2.8 kB	30 kB	194.5.212.157
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-16	1.7 kB	26 kB	104.17.3.184
outlook.office.com	77	1999-04-20	2018-12-21	2019-01-03	423 B	8.7 kB	52.98.149.162
bc1q40c2emxhhsumh59zjrhxrhp.com	unknown	2024-02-24	2024-02-24	2024-03-28	1.0 kB	16 kB	193.222.96.132
aadcdn.msftauthimages.net	4622	2018-11-12	2019-08-14	2024-04-16	535 B	8.2 kB	13.107.246.53
tukix.net	unknown	2008-09-09	2015-06-19	2024-04-16	677 B	248 B	183.181.83.141
aadcdn.msftauth.net	1455	2018-10-25	2018-11-19	2024-04-16	1.5 kB	40 kB	152.199.23.37
aadcdn.msauth.net	1421	2018-10-25	2018-11-19	2024-04-16	993 B	22 kB	13.107.246.53
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-16	862 B	58 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-30 00:47:02 Times Seen263312 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank	4.2 kB	2024-04-16	2024-04-19
Pretty URL k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 00:32:16 Last Seen2024-04-19 09:41:43 Times Seen190 Hash bcbf3815f7d4f8975dfc3d5e823eafa6 6fb38099b6f82307e8b0022aac08673936f5aab1 cddbd0745a0e364f4945147af5c68aaa5026ab44c7869381780ca483eb0fe290 Loading...

	unknown	6.6 kB	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 3554de8193990e2de9b3a8fb23671681 a6e91d145acfcdd6498e470e110a83202798f26f 57c779deaf1540e3f3de2bb630454f4a8d46e8a481a57a49b10a542680e84c78 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0e2f883348f3b64d96110716a0834366	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 0e2f883348f3b64d96110716a0834366 f4bd92da80d4f0c40479eb263ded50b140ee956d 431519b1b7e4eea652dd1ddf9ea0d4b004801fd680bd481ea34067710ed12d6c Loading...

	#2 Eval - 5d9cc337ceb65aaa2159abc86a193245	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 5d9cc337ceb65aaa2159abc86a193245 18fab8cb341254542ed01458dba27e0f0aec7a7f 6cb01921eb38d04826766a3eab888e32ea3aa3a2653a3721718654a1d37af57c Loading...

	#3 Eval - 5784c43e295333551ca6a4868036d59a	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 5784c43e295333551ca6a4868036d59a 4f05cdc16f08f36be5579449fcf5a5c695a333b8 f5ce4b3ef6d068f9f30b17e6a150b8c35b0ef3428a6eb469c433f98d30c420f7 Loading...

	#4 Eval - 5c64df515f251d5ce58e1b4281b651bf	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 5c64df515f251d5ce58e1b4281b651bf 1633e60b2493897a0a18c097996d16aa7466383e edecbc8e45d5534eb621e487829b6c1040e00148d83ce78825a2167492414cf2 Loading...

	#5 Eval - 1349154dccbed60f4a048f4868aed4a1	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 1349154dccbed60f4a048f4868aed4a1 6c88bf45532d48018b13f8c8de3663a39e7cc159 4cd236cd77bd6946414b28f9b53ed634b18abbc63d3a13ae07efee6ae8bf560d Loading...

	#6 Eval - ac6d43b49aec2f87daf340337b6a7882	60 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 12:28:09 Last Seen2024-04-17 16:04:31 Times Seen3428 Hash ac6d43b49aec2f87daf340337b6a7882 d3874a31a6b7fe11121edc3ed80fdc8b66f6589a 1af55b64e0b39e0f5f760a8050b284a66fe404ddff945697590f8240798311b2 Loading...

	#7 Eval - 2a335e792f273d91840346ce45f0cd4f	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 2a335e792f273d91840346ce45f0cd4f e7d6bb1f25c458d03a39e91e37fb1abf86ce6cdd 638ca14a881759a916f75a89e0f8c5bdfd7c4106ba5d5babedee4b8d5686242e Loading...

	#8 Eval - d4d96fd39f292c9926ddf102a420d5ae	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash d4d96fd39f292c9926ddf102a420d5ae 95003e013498bcff7f9e6f63172a4b4991c193ec 1aeb4cff07372c8fb6b5639ca793548bab46e670185b86a3c91a90b51108d8b8 Loading...

	#9 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-30 00:17:15 Times Seen350665 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#10 Eval - 52b94e17c09cb43e1910d568ee386569	1.1 kB	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:31:37 Last Seen2024-04-16 16:34:25 Times Seen2 Hash 52b94e17c09cb43e1910d568ee386569 0d701490f756994b98ddfcbbd5fbad82da03a71c 1782fbb3ff41fb2c901fffe36585d6cbf135af2560c84c7cea569bbc4ca736e3 Loading...

	#11 Eval - 185cf73b853e3e3af70141c5c4cb8e52	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 185cf73b853e3e3af70141c5c4cb8e52 ed59bc39676e5cc458ebd3435db53e34a84d4b9e f2a0bbc8daaf3089d72531f77194a1412a2a602e2f293288960ad9d5e445d57c Loading...

	#12 Eval - 97b0e7ca4a9e53cc880e0d9a67e55146	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 97b0e7ca4a9e53cc880e0d9a67e55146 cb1aa8513de51ba630e385629f9ef4f2dd24b13f 73dde53effdfa8a6a88e46e907176fb6956af13a2681a161234c7020c7a73d54 Loading...

	#13 Eval - d890109b7ffaaac2bca48c50eeaf8e1b	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash d890109b7ffaaac2bca48c50eeaf8e1b 6c67724ea3c6cab631a17f7a3a71cb26e17040b4 ee4ac7642e8341d5a6150588670688a6c51a223ba392c0a0d34ca26e4d3463ec Loading...

	#14 Eval - d66c2a3ec9471ac41eb636dd35e68740	162 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 13:51:49 Last Seen2024-04-17 16:04:30 Times Seen745 Hash d66c2a3ec9471ac41eb636dd35e68740 0a0df48399a54f5e9e1cc314afb47809429fabe0 06da1a9d19030d0ef1321621c16fd90ef543821b71b017219501fe046a536973 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8a0bed010a9fd21a560b90da24f37189	795 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 12:57:45 Last Seen2024-04-19 15:49:12 Times Seen3733 Hash 8a0bed010a9fd21a560b90da24f37189 38972fe20940c05edb4139a266dffe2e8e627b1a bc30534b563e7ba1a059a806e101b42c69104b5aacb6afe2293b575e9935dfde Loading...

	#2 Write - 02d66b25dbfe5f73fda2bf44ab2236ce	15 kB	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 16:34:25 Last Seen2024-04-16 16:34:25 Times Seen1 Hash 02d66b25dbfe5f73fda2bf44ab2236ce fb49320def5af4ff8ebe40c232f08b113d1e99b3 75d1940a2d0b0f89dff236e4265f6897b7c5aa6747f0d11dc4222239828004ea Loading...

HTTP Transactions (20)

	URL	IP	Response	Size
	tukix.net/qp9sKz1A43Pt/news/9558afea3c46dee996399ff0985f4428/Y3JhaW53YXRlckBzb3V0aHBvaW50LmJhbms=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true	183.181.83.141		0 B
URL tukix.net/qp9sKz1A43Pt/news/9558afea3c46dee996399ff0985f4428/Y3JhaW53YXRlckBzb3V0aHBvaW50LmJhbms=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true IP 183.181.83.141:0 ASN #131965 Xserver Inc. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /qp9sKz1A43Pt/news/9558afea3c46dee996399ff0985f4428/Y3JhaW53YXRlckBzb3V0aHBvaW50LmJhbms=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true HTTP/1.1 Host: tukix.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 16 Apr 2024 14:33:58 GMT content-type: text/html; charset=UTF-8 content-length: 0 refresh: 0;url=https://k3ed.icu?e=crainwater@southpoint.bank vary: User-Agent accept-ranges: bytes X-Firefox-Spdy: h2`

	k3ed.icu/?e=crainwater@southpoint.bank	194.5.212.157		0 B
URL k3ed.icu/?e=crainwater@southpoint.bank IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?e=crainwater@southpoint.bank HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Server: nginx Date: Tue, 16 Apr 2024 14:33:58 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=60 X-Powered-By: PHP/5.4.16 Set-Cookie: PHPSESSID=nrq2gvt7mcstd5j2mmfgpsmim2; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache location: main/`

	k3ed.icu/main/	194.5.212.157		3.5 kB
URL k3ed.icu/main/ IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type JavaScript source, ASCII text, with very long lines (3090) Size 3.5 kB (3541 bytes) Hash 08a009ed82f73c12b77d69bdad4cbefe 0844de14ab3fa4baf6d34a93f80f909f6046ee16 eee031d8c2c2afb501fa8081edd477b3bfea364a6cc1ca35849937d57b126297 HTTP Headers `GET /main/ HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: PHPSESSID=nrq2gvt7mcstd5j2mmfgpsmim2 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 14:33:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	104.17.3.184		0 B
URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Tue, 16 Apr 2024 14:33:59 GMT content-length: 0 location: /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback cross-origin-resource-policy: cross-origin cache-control: max-age=300, public access-control-allow-origin: * vary: Accept-Encoding server: cloudflare cf-ray: 8754e4c089420afa-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	k3ed.icu/favicon.ico	194.5.212.157		135 B
URL k3ed.icu/favicon.ico IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type HTML document, ASCII text Size 135 B (135 bytes) Hash 83b862bead2d480026254fb2a6eb9969 26bad9e6c1579172b0e3b6bc1c18918164ff6478 fb258cb538ca92d61c8cd4eb08cc23da70c278b8766eaa731ce11e9b2f1da4d4 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=nrq2gvt7mcstd5j2mmfgpsmim2 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 14:33:59 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 135 Connection: keep-alive Keep-Alive: timeout=60 Last-Modified: Mon, 15 Apr 2024 19:23:05 GMT ETag: "87-616278cfe1d53" Accept-Ranges: bytes`

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67hq8/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal	104.17.3.184		19 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67hq8/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type HTML document, ASCII text, with very long lines (41919) Size 19 kB (18767 bytes) Hash 85678159bcda683312cff566682f1c20 b49482a81d2235fb3209355c4ce647dfc2b8d648 156e773c0cb81b9737e25b9cf45c85fa229ce3ffd178a53c0979a9185a7bcd39 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67hq8/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Tue, 16 Apr 2024 14:33:59 GMT content-type: text/html; charset=UTF-8 accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: cross-origin document-policy: js-profiling origin-agent-cluster: ?1 permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy: same-origin server: cloudflare cf-ray: 8754e4c15881712e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D	104.17.3.184		5.6 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 5.6 kB (5648 bytes) Hash 728c6b1110633c76154231356f904944 f6c10d57e9c088d9685881d2409a2f20e15879cc 7f03397859e29b3be33ca7882087dca452fdcd40b4600aa38f72b26d8c793254 HTTP Headers GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67hq8/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Tue, 16 Apr 2024 14:33:59 GMT content-type: image/png cache-control: max-age=2629800, public server: cloudflare cf-ray: 8754e4c1d931712e-OSL alt-svc: h3=":443"; ma=86400`

	k3ed.icu/main/main.php	194.5.212.157		5.7 kB
URL k3ed.icu/main/main.php IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type HTML document, ASCII text, with very long lines (4198) Size 5.7 kB (5655 bytes) Hash e11c2acf1ae86fc07f6c79e559a6075a 6b430e0023c111831bdd16e24f8039dd90c091bf 10c57b3e50bc1fc08d7e6de8562b40c1b0147b98e1ee09290edd2cfcb7375620 HTTP Headers POST /main/main.php HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 539 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=nrq2gvt7mcstd5j2mmfgpsmim2 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 14:34:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.25.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 16 Apr 2024 14:34:04 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2803551 expires: Sun, 06 Apr 2025 14:34:04 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PstnT5RxgtiSzNJj3%2FlUCqhVABj%2FaQ%2Fnig1vZp3eARqTjeW%2FuGCp8T1mAPeeUePFwO%2FK7LNF2UnDNb26LmjGJsh%2F%2Fn5sBYN7RzFdY1rtAEcPx2n1Zuonlkpilfx26SMGkRcHCKJE"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 8754e4e48c3856b4-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	outlook.office.com/mail/favicon.ico	52.98.149.162	200 OK	7.9 kB
URL GET HTTP/2 outlook.office.com/mail/favicon.ico IP 52.98.149.162:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint2C:61:C5:26:BC:9A:1C:E6:BE:6B:92:00:FC:AF:29:2A:23:84:5E:5C ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel Size 7.9 kB (7886 bytes) Hash ac16fa7fc862073b02acd1187fc6def4 f2b9a6255f6293000f30eee272abdd372a14e9d3 e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45 HTTP Headers `GET /mail/favicon.ico HTTP/1.1 Host: outlook.office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-length: 7886 content-type: image/x-icon last-modified: Mon, 15 Apr 2024 16:41:28 GMT accept-ranges: bytes etag: "1da8f53c326b2ce" server: Microsoft-IIS/10.0 request-id: 859bd197-3fa8-db53-7e54-a93a0ffb7af2 strict-transport-security: max-age=31536000; includeSubDomains; preload alt-svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000 x-preferredroutingkeydiagnostics: 0 x-calculatedbetarget: GVX0PF01A05633F.SWEP280.PROD.OUTLOOK.COM x-backendhttpstatus: 200 x-besku: UNKNOWN x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-firsthopcafeefz: GVX x-bepartition: Clique/CLSWEP280GVX01 x-feproxyinfo: GV3P280CA0002.SWEP280.PROD.OUTLOOK.COM x-feefzinfo: GVX ms-cv: l9Gbhag/U9t+VKk6D/t68g.1 x-powered-by: ASP.NET x-feserver: GV3P280CA0002 date: Tue, 16 Apr 2024 14:34:02 GMT X-Firefox-Spdy: h2

	bc1q40c2emxhhsumh59zjrhxrhp.com/api/v3/auth	193.222.96.132	200 OK	2 B
URL POST HTTP/1.1 bc1q40c2emxhhsumh59zjrhxrhp.com/api/v3/auth IP 193.222.96.132:443 ASN #203168 Constant MOULIN Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerLet's Encrypt Subjectbc1q40c2emxhhsumh59zjrhxrhp.com Fingerprint48:9A:4F:1A:B8:FC:BD:69:69:82:D1:71:4A:E7:3A:E0:39:F2:04:DA ValiditySat, 24 Feb 2024 20:50:15 GMT - Fri, 24 May 2024 20:50:14 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers OPTIONS /api/v3/auth HTTP/1.1 Host: bc1q40c2emxhhsumh59zjrhxrhp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://k3ed.icu/ Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Tue, 16 Apr 2024 14:34:06 GMT server: uvicorn vary: Origin access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-origin: https://k3ed.icu access-control-allow-headers: content-type content-length: 2 content-type: text/plain; charset=utf-8`

	bc1q40c2emxhhsumh59zjrhxrhp.com/api/v3/auth	193.222.96.132	200 OK	16 kB
URL POST HTTP/1.1 bc1q40c2emxhhsumh59zjrhxrhp.com/api/v3/auth IP 193.222.96.132:443 ASN #203168 Constant MOULIN Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerLet's Encrypt Subjectbc1q40c2emxhhsumh59zjrhxrhp.com Fingerprint48:9A:4F:1A:B8:FC:BD:69:69:82:D1:71:4A:E7:3A:E0:39:F2:04:DA ValiditySat, 24 Feb 2024 20:50:15 GMT - Fri, 24 May 2024 20:50:14 GMT File type JSON text data Size 16 kB (15520 bytes) Hash 41efb42ec6b755fda89a1a720229b20f fe8a0cc8b28488f82629f9a963852793122eb9bf c03792e99bcae6449cea24bdc117f9ccd59f5d6f3a3e4f1a1f70b5f5bac7b355 HTTP Headers POST /api/v3/auth HTTP/1.1 Host: bc1q40c2emxhhsumh59zjrhxrhp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 178 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Tue, 16 Apr 2024 14:34:06 GMT server: uvicorn content-length: 15520 content-type: application/json access-control-allow-origin: * access-control-allow-credentials: true`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.25.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Tue, 16 Apr 2024 14:34:11 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2803558 expires: Sun, 06 Apr 2025 14:34:11 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4h44dHDs%2BHgjw5txYdFnQnqkd3EHiPckcO2ZEGRVZCkBoYqrCreGxJsn6YO6IHtGty%2F7gIzh7sGSo89xsM69QGQY86icmWE4OSSXNCbZ7sHhw3h8WueXI1UQVzvyooU%2FTFnDvcwA"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 8754e50d6f74b4f3-OSL alt-svc: h3=":443"; ma=86400

	aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css	152.199.23.37	200 OK	20 kB
URL GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (61177) Size 20 kB (19970 bytes) Hash f0e5964f8bbedf73d2d3001623bb663b aadf3504d5e5a93e678487eeb4a63398f2699341 9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1904789 cache-control: public, max-age=31536000 content-md5: 9K2/nGCj75WAmmAI9nZNCA== content-type: text/css date: Tue, 16 Apr 2024 14:34:11 GMT etag: 0x8DA7650B375AC9B last-modified: Thu, 04 Aug 2022 19:37:00 GMT server: ECAcc (ska/F7A0) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 8887ee14-601e-0019-5fb8-7e9917000000 x-ms-version: 2009-09-19 content-length: 19970 X-Firefox-Spdy: h2

	aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg	13.107.246.53	200 OK	276 B
URL GET HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 276 B (276 bytes) Hash a9cc2824ef3517b6c4160dcf8ff7d410 8db9aebad84ca6e4225bfdd2458ff3821cc4f064 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58 HTTP Headers `GET /shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Tue, 16 Apr 2024 14:34:11 GMT content-type: image/svg+xml content-length: 276 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Fri, 17 Jan 2020 19:28:34 GMT etag: 0x8D79B8371B97A82 x-ms-request-id: 01141f63-001e-0066-400c-8f5db0000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T143411Z-16c87f56bf7n8ktrg1rd4pyxn0000000081g000000000sq6 x-fd-int-roxy-purgeid: 4554691 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css	13.107.246.53	200 OK	20 kB
URL GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type ASCII text, with very long lines (61177) Size 20 kB (19953 bytes) Hash ce26137fc0d9b7d7a0d52ebe3a186512 b9d7fb3fe7d08f46c2d1153bb47b13809375c663 1304c5090f063c677a5b3720fe7b97ef4d9ea102e2bdd837ce399df6057fe385 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 16 Apr 2024 14:34:11 GMT content-type: text/css content-length: 19953 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Mon, 18 Apr 2022 21:18:26 GMT etag: 0x8DA2180FA29F5AF x-ms-request-id: 7fee1130-201e-0058-3033-8fdebc000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T143411Z-16c87f56bf7kk65hgfs7mar8xw00000007gg000000003r77 x-fd-int-roxy-purgeid: 4554691 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg	152.199.23.37	200 OK	673 B
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 673 B (673 bytes) Hash bc3d32a696895f78c19df6c717586a5d 9191cb156a30a3ed79c44c0a16c95159e8ff689d 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68 HTTP Headers `GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1944060 cache-control: public, max-age=31536000 content-md5: DhdidjYrlCeaRJJRG/y9mA== content-type: image/svg+xml date: Tue, 16 Apr 2024 14:34:11 GMT etag: 0x8D7B007297AE131 last-modified: Wed, 12 Feb 2020 22:01:50 GMT server: ECAcc (ska/F732) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 52d23733-f01e-004c-3a5c-7e7d2e000000 x-ms-version: 2009-09-19 content-length: 673 X-Firefox-Spdy: h2

	aadcdn.msftauthimages.net/dbd5a2dd-gx4hm3pwflte4ba9bzxcgcxn7ygn-q2gb0prdcsgpiw/logintenantbranding/0/bannerlogo?ts=637099856348574182	13.107.246.53	200 OK	7.5 kB
URL GET HTTP/2 aadcdn.msftauthimages.net/dbd5a2dd-gx4hm3pwflte4ba9bzxcgcxn7ygn-q2gb0prdcsgpiw/logintenantbranding/0/bannerlogo?ts=637099856348574182 IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerMicrosoft Corporation Subjectaadcdn.msftauthimages.net FingerprintE6:88:22:EC:52:D3:88:E3:A1:7B:01:0A:70:8F:08:41:F8:AD:6D:4B ValiditySun, 18 Feb 2024 02:47:29 GMT - Wed, 12 Feb 2025 02:47:29 GMT File type PNG image data, 280 x 47, 8-bit/color RGB, non-interlaced Size 7.5 kB (7497 bytes) Hash 4fb50d8df579b59958217799682d2901 632dd0aced7a01ab5d49cd78d7bfe078302b7262 4cb26fc8fe53b3f1c6aa00dd43fa108047c65f20ebf9e77f4079a7b44a230c73 HTTP Headers GET /dbd5a2dd-gx4hm3pwflte4ba9bzxcgcxn7ygn-q2gb0prdcsgpiw/logintenantbranding/0/bannerlogo?ts=637099856348574182 HTTP/1.1 Host: aadcdn.msftauthimages.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Tue, 16 Apr 2024 14:34:11 GMT content-type: image/* content-length: 7497 cache-control: public, max-age=86400 last-modified: Fri, 22 Nov 2019 02:13:55 GMT etag: 0x8D76EF1A0417351 x-ms-request-id: e9357f9d-101e-005b-4b0b-903e68000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T143411Z-16c87f56bf7v4fsdbqq57ywnqs00000009x000000000ct51 x-fd-int-roxy-purgeid: 50755578 x-cache: TCP_MISS accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	152.199.23.37	200 OK	17 kB
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#ba8T1rBuBL4dPWaHJaFI3xCgWeJ2kxiwIqpJR0etLiHBeRjY1ZG4xiltx4vSCOokeN46OizzBgbP8uN9tue0NzukE0cgOBB2pF9dYJNz0Yp8tchXHwYu5sPKt20hDCk3htgfc3Pd2elwrDt89sDfVsZov0F9C0cUtsaGwZTzdf5ESzN21qhWThloi0yU0KPudZbJY5jbkpQdYDf03xWXPim7jU2jERORQ0BO5U0pkQDitSixpfvexRmQLoapgZh6ZSV5NWu7M8qg0JOqYjFwa1nVqylGyCMxvICjE7rrfSIgBxGAQl71nuXN3jtBWg9sYMLDUd596OqHl6icspePUcCXv5zrlITkvFYpT4zZTZHe6ZryoGojS0hn6QOszIN4oMthQ2hJ1YY8XqGm65FZ5WmcNbEmUsqieUz4WQOYPN6MdN8kSOjYLGbyRPULhl4wfDAcupajdh6q5fLY35XPL8nDYipgDtMS7n4CMfWZx2qCicBmhyb3HyHFQ6WuAInI5rkSHgRfjiSCvtYN29QJIxpzEl3f3qX9Sh1AyTPScHuHbsudCkXlSmUxIYMMoJVh1XRAQHs2oXJzqeN3yKor7jZQhLCGvyXwvO7lvzoUx8uXmi1U3pmaIl107DGCbD9Gsg2YQqTnynlUFmPJLcTuxUuFybhKOqqhGtfwT9UsxfmdBcWnoPSWKnBjyT3njuE0XUxR3sjBHGOjSKHhAAekXPEwIHT2cy39tB1x3k8K1W4TGMbgmpBjefPXXJ0ah3kLEliHFqsHmxA2jMjFbUZqaPo8yoiQsCB6XTODkhkGOVJ7I2NTXMk7BIg96y0zbCG9vuNQM8wA4gIMjvFghZoSIE2Pd2opE4yazm0luxVyOEl790nq0MjJrlyFoX431DeAZfVtNR2BvnIFo65pTp8kLHZaE3dGHsgGHcau4c5AAOfZUloNKx8wf7GUbTASlRz34Jx8WDJwrYvmjUa4siAIqgCCadvv44z8N6hJK0gcZMyjHJna2YStev5oIAUNFtWsAdclesxde5xVPU5RSYk7tqwb0rZFVV8w8kRnMoB1u8Xj32bW0w3uWAGX1FDXALtJ6k7TIIUcRRwUUIRVeVpav58xLLulxX5Dicw0VrdMiKHdsz8GuxRZDZxoK1KhZPVh2riXSvKbgroI0wpv4hvIh2713Rj2HfkJHCHz8rLoTa7UHxpLOUu5WB70sr3aHnUoZBY82JxVTEPAcfm19Q76sf6VH95oxZMxAKFDtcznRoY3El4NcbUEr0A8aFwHFieg2UTw6sUXRT1we5jrhe6IeGRpmn71GliJfcgmFajx4l3jqnKIBRrQxifTGmVmIe5Yqlk5wECBZFUq3F9EwAu3TKXz7TVP71Oxn9DUNfvNVpeY4nDBY7ERSCqZvmPCoDaLMNGA3boZBCYF0BhYJVQCyhB4EqH24ROQFurJGPJhsHXsjer3ahFIzgMdHtgLl5C0z3KgStxlbvNuJfxUxdC6upkbTAXeFzffC0vvt3QEyE9iTHcrUPxofRA8rxn77DmJDSf6V5LuKUMEBZ5wOCU3uvcW2z39cqTQi8WeeIIZCvDevIKjlFnPaAMc9Pmmggdyp9NDSvCu1gJwYtQj8e9iOVvYLRl18yAxInaATN5U4Or2hhmqwvIkrdjc5EedcOKUbVv5JA0NprQGJc6fIPA93Tm9xAmKp7FB3aGNLGBa7rRREY6nNGxRAT08unSTvxuzIbmuRXEZpwQ4uXriEY9eS9mnxfg2NLBvWY0NWENlaEpFBRXfQ6uIgR5N7mQU7sq4qqRm5FIfj7UUZSaPYFxfxD3EZUy7mZbMp39uIRK2ZFXYx8NwNlLlYPZYJy65xhSXl2r3Tc6TR3RobFUZ1Gk0vjYfS5lpmemHgOLa0R3SVVg6Bb5CSqCoKBDCGZ13doKudwEdoI6jDnqfywRrWtPG5tiLtkOGJzaW5PauxgObDeqcLhEHLuoQXHCr2q7LZiI57TAE9oPNDf0oxE6j8ua6bMxdcFZcXHi4ATJKhyyVOyjmdpFmUPs5C0jPFj1D1kICdrmv0VqPuKbHaR34Hwajxu8dNaQOuyqI0Ne0IFPcp1UASYFzvPT2j1g7c6WHFmpFaDFSjv5Iw0joYYYuORw8TNf5UbMzycfIQVB9qHSWHblGajaYbH65umboxYY6adO18qby73vPfQvpaGomnurSQCgoBevMsjNAKY9S2EIhvdHFU51hAt9r5qQHFlt7FhIpfSiiw0z1ehH8mJpXczoi0eZFAsNfJwEZoXhUXRWb8EjvnJtzjRRj6RYGjMW3iA2GykBvbyGkc0QAKj93b1miSlYc7Vfqwi64DHzPfg9shZ21jc4udqM6MLiUGykcRqgv8Qko6uQntToN5thjU3pGPIAvgVH8mYDuOYTVsKjWDIJJb0264rMT9noqj6zF5d9Ub2PDM9AqRj93kb9oDWiNkHeDOOiT1sNdvDQiMrIEKSH44RtHNLu7sJLgx4aywYM2BDko432OWJT0BnHo8cwBVhStl22S0OVCrf0vj2kfMegnBXMJail6AezWhCOiqJUSZVojYIzKXP8yNViXdD4OSEK9gzrHjlzjhXCfGc0D28cP4uNi8R60vQ9MqBtJX22e0FtHRtlUCxJG2xYap4bUVkGlW95Tc77dMAUE4gyGNimQPl0eqb9lwQHs0MmdUtqG4ll8BUPpdcf3xgiXrrjYi1rjNNwHgWolhKuTFjiSvxV2Nd0fFkeYlFh9sNRJKg520zVGSdynLuqzIrOoL2m6IDfar6UbmZdny93rmBP86fHOGwcszyyhcOsEUmQhm3FVcImzkbHqrpf8VrAu09MdXeRSBH9YLOTYxfxRrfiTFx2AZD5ZMScK74CILMGxBAv9Q30hjjbYRdzQREQDx2nE70mTN3qoDWytZzLjSXhJbQA2vqF2t3GA43tR7TgLPOfPn08gYpZ9gAbM0QOtUv3ZywQFq7qgWF5jGeAEEANUaZGaQvDK0HJzeAeE?cfg=crainwater@southpoint.bank Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1944829 cache-control: public, max-age=31536000 content-md5: EuPayFgGHQiAI7K9SOL6lg== content-type: image/x-icon date: Tue, 16 Apr 2024 14:34:11 GMT etag: 0x8D8731240E548EB last-modified: Sun, 18 Oct 2020 03:02:30 GMT server: ECAcc (ska/F738) x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 582df77a-301e-0028-1b5a-7e9304000000 x-ms-version: 2009-09-19 content-length: 17174 X-Firefox-Spdy: h2

	k3ed.icu/main/main.php	194.5.212.157	200 OK	19 kB
URL User Request POST HTTP/1.1 k3ed.icu/main/main.php IP 194.5.212.157:443 ASN #9009 M247 Europe SRL Certificate IssuerLet's Encrypt Subjectk3ed.icu Fingerprint38:8C:F9:F9:50:CB:2F:02:9C:6D:EE:ED:BE:32:CE:22:DB:AC:19:E4 ValidityFri, 12 Apr 2024 19:50:22 GMT - Thu, 11 Jul 2024 19:50:21 GMT File type HTML document, ASCII text, with very long lines (4198) Size 19 kB (19233 bytes) Hash e11c2acf1ae86fc07f6c79e559a6075a 6b430e0023c111831bdd16e24f8039dd90c091bf 10c57b3e50bc1fc08d7e6de8562b40c1b0147b98e1ee09290edd2cfcb7375620 HTTP Headers POST /main/main.php HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 539 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=nrq2gvt7mcstd5j2mmfgpsmim2 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 14:34:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN