Report - tukix.net/qp9sKz1A43Pt/news/0650a9b88a71e02fc325f84c290bdd60/YmRvcmRpQHdlc3RvbmZvcmVzdC5jb20=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is

Report Overview

Submitted URL
tukix.net/qp9sKz1A43Pt/news/0650a9b88a71e02fc325f84c290bdd60/YmRvcmRpQHdlc3RvbmZvcmVzdC5jb20=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true
IP
183.181.83.141
ASN
#131965 Xserver Inc.
Submitted
2024-04-16 12:34:53
Access
public
Website Title
Sign in to your account
Final URL
k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com
Tags
phishing microsoft outlook suspicious
urlquery detections
Phishing - Microsoft Outlook
Suspicious - Anti-debugging code

Detections

urlquery
4
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
tukix.net	unknown	2008-09-09	2015-06-19	2024-04-16	673 B	245 B	183.181.83.141
k3ed.icu	unknown	2024-04-12	2024-04-12	2024-04-16	2.8 kB	30 kB	194.5.212.157
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-16	1.9 kB	35 kB	104.17.3.184
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-16	862 B	58 kB	104.17.24.14
bc1q3tg7zvzwn752jqr6smnajyj.com	unknown	2024-02-24	2024-02-24	2024-03-25	1.0 kB	17 kB	193.222.96.166
aadcdn.msftauth.net	1455	2018-10-25	2018-11-19	2024-04-16	2.5 kB	44 kB	152.199.23.37
aadcdn.msauth.net	1421	2018-10-25	2018-11-19	2024-04-16	500 B	21 kB	13.107.246.53
outlook.office.com	77	1999-04-20	2018-12-21	2019-01-03	425 B	8.9 kB	52.97.230.162

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	unknown	6.6 kB	2024-04-16	2024-04-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash 862b87653b503e1f047b8c9085d71460 9229335f4c9bc41a2dcf286619d067802bfa6aca 3dce89a77f8ff0529dfe9a4668c8b7a21d8336599ad1a456b49733416c07a9e7 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-29 21:47:52 Times Seen263283 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com	4.2 kB	2024-04-16	2024-04-19
Pretty URL k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 00:32:16 Last Seen2024-04-19 09:41:43 Times Seen190 Hash bcbf3815f7d4f8975dfc3d5e823eafa6 6fb38099b6f82307e8b0022aac08673936f5aab1 cddbd0745a0e364f4945147af5c68aaa5026ab44c7869381780ca483eb0fe290 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-29 22:31:09 Times Seen350651 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 1cc96b5f6c21a93ae9dd27e7211a5da6	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash 1cc96b5f6c21a93ae9dd27e7211a5da6 e5896e770b39da4d7929f3aa80ac499a1424884e 2d58dca63293edbd4aa96711beb52524af849b0f2883d8130dd8ccd82ba7d871 Loading...

	#3 Eval - 688917d82eb1e7230da8cb3e195bfa6b	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash 688917d82eb1e7230da8cb3e195bfa6b 22ce282c9cf77743661b76eeca4b2e3112a70660 628847fc3c159a37f099a6fa42bb49f5e2374dcfcc72a977f849b942243def95 Loading...

	#4 Eval - d814428a3b40edddde1385f531bc4e16	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash d814428a3b40edddde1385f531bc4e16 6d4a4b44f5c2b1539fda3503c81ca64cff0cff70 8817b58e3a577e67b5f72e97b06f8bf5902181d9513c5015c57771eba685bad4 Loading...

	#5 Eval - e55b2d5f2cb9594b20ef2353ffa77ba1	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash e55b2d5f2cb9594b20ef2353ffa77ba1 b801ea0831a63822e35582ac27b56ac07cb47d93 48a8b63b7a6cc9a35aef9c759c62861f4a6a795fdb819e41ee577aed7cb33e3c Loading...

	#6 Eval - 75da5d3bbdd6ef982cffc66a10cf3833	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash 75da5d3bbdd6ef982cffc66a10cf3833 044f9faa2ec8509327c9b00375a63a846aaa8aaa f32410b1e3b9c5d9c1ba3b6b74a130d4743c39909267d5f312f3dc8290fb9aa7 Loading...

	#7 Eval - e03dbbb9f21180023d9b205a76e9ec0b	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash e03dbbb9f21180023d9b205a76e9ec0b f473e31c3b2f2f3389c0385487890eedc101c6be e8c1c66919ccf467760c3e789c09fd256f8778968a6edc67ac4aeb10519275e9 Loading...

	#8 Eval - ac6d43b49aec2f87daf340337b6a7882	60 B	2024-04-04	2024-04-17
Pretty Observations First Seen2024-04-04 12:28:09 Last Seen2024-04-17 16:04:31 Times Seen3428 Hash ac6d43b49aec2f87daf340337b6a7882 d3874a31a6b7fe11121edc3ed80fdc8b66f6589a 1af55b64e0b39e0f5f760a8050b284a66fe404ddff945697590f8240798311b2 Loading...

	#9 Eval - 03ddd2ea9c9cb019d16152b5f52c9924	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash 03ddd2ea9c9cb019d16152b5f52c9924 fd10c5daabb8aaba8aa4aec09475f6bf19e0f9da 739ce3e513d1aa1088711c699a09c4b84cce70edc51fb42d775b4213d4dbe325 Loading...

	#10 Eval - 5110be88cecde8dab235d9ed4b27d0e4	28 B	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash 5110be88cecde8dab235d9ed4b27d0e4 ce6456bc16bb0c79726b93e14db465d4b6c0c9aa 2ebf861aa6c5d653c7ed39716ff099daf5a2bf8a959d4b925394302ef707eeba Loading...

		Size	First Seen	Last Seen
	#1 Write - 8a0bed010a9fd21a560b90da24f37189	795 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 12:57:45 Last Seen2024-04-19 15:49:12 Times Seen3733 Hash 8a0bed010a9fd21a560b90da24f37189 38972fe20940c05edb4139a266dffe2e8e627b1a bc30534b563e7ba1a059a806e101b42c69104b5aacb6afe2293b575e9935dfde Loading...

	#2 Write - 9127a3859829ff2c5a6f57f0637683d8	16 kB	2024-04-16	2024-04-16
Pretty Observations First Seen2024-04-16 14:34:54 Last Seen2024-04-16 14:34:54 Times Seen1 Hash 9127a3859829ff2c5a6f57f0637683d8 d7c83cf8608daddaf84b938c44e5130eab533126 a94ab1d5f305e552253f10cf75fa7bf46e7693150209001602a2a8b51e70e53b Loading...

HTTP Transactions (20)

	URL	IP	Response	Size
	tukix.net/qp9sKz1A43Pt/news/0650a9b88a71e02fc325f84c290bdd60/YmRvcmRpQHdlc3RvbmZvcmVzdC5jb20=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true	183.181.83.141		0 B
URL tukix.net/qp9sKz1A43Pt/news/0650a9b88a71e02fc325f84c290bdd60/YmRvcmRpQHdlc3RvbmZvcmVzdC5jb20=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true IP 183.181.83.141:0 ASN #131965 Xserver Inc. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /qp9sKz1A43Pt/news/0650a9b88a71e02fc325f84c290bdd60/YmRvcmRpQHdlc3RvbmZvcmVzdC5jb20=?pid=TransactionalEmails&af_adset=ConfirmationEmail&af_ad=ConfirmationEmail_ICE_ICE3171_A_PRIME_KEEP1792_A&is_retargeting=true HTTP/1.1 Host: tukix.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Tue, 16 Apr 2024 12:34:28 GMT content-type: text/html; charset=UTF-8 content-length: 0 refresh: 0;url=https://k3ed.icu?e=bdordi@westonforest.com vary: User-Agent accept-ranges: bytes X-Firefox-Spdy: h2`

	k3ed.icu/?e=bdordi@westonforest.com	194.5.212.157		0 B
URL k3ed.icu/?e=bdordi@westonforest.com IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /?e=bdordi@westonforest.com HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Server: nginx Date: Tue, 16 Apr 2024 12:34:28 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=60 X-Powered-By: PHP/5.4.16 Set-Cookie: PHPSESSID=f7iunhspd3ip27hocphqs5pi83; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache location: main/`

	k3ed.icu/main/	194.5.212.157		3.5 kB
URL k3ed.icu/main/ IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type JavaScript source, ASCII text, with very long lines (3087) Size 3.5 kB (3540 bytes) Hash 90f37546ec7bda73397af3ba8c09f0c5 73bcbfc30d7e5db3ce410956b334e790198ba03a 8614c7aec25e6e18d5084fe92df98fe8d46bc657af8a2e329b7d774141c6a98f HTTP Headers `GET /main/ HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: PHPSESSID=f7iunhspd3ip27hocphqs5pi83 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 12:34:28 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	104.17.3.184		0 B
URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 302 Found date: Tue, 16 Apr 2024 12:34:29 GMT content-length: 0 location: /turnstile/v0/b/bcc5fb0a8815/api.js?onload=onloadTurnstileCallback access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: max-age=300, public vary: Accept-Encoding server: cloudflare cf-ray: 875435b3398356b5-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2`

	k3ed.icu/favicon.ico	194.5.212.157		135 B
URL k3ed.icu/favicon.ico IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type HTML document, ASCII text Size 135 B (135 bytes) Hash 83b862bead2d480026254fb2a6eb9969 26bad9e6c1579172b0e3b6bc1c18918164ff6478 fb258cb538ca92d61c8cd4eb08cc23da70c278b8766eaa731ce11e9b2f1da4d4 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=f7iunhspd3ip27hocphqs5pi83 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 12:34:29 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 135 Connection: keep-alive Keep-Alive: timeout=60 Last-Modified: Mon, 15 Apr 2024 19:23:05 GMT ETag: "87-616278cfe1d53" Accept-Ranges: bytes`

	k3ed.icu/main/main.php	194.5.212.157		5.7 kB
URL k3ed.icu/main/main.php IP 194.5.212.157:0 ASN #9009 M247 Europe SRL File type HTML document, ASCII text, with very long lines (4198) Size 5.7 kB (5655 bytes) Hash e11c2acf1ae86fc07f6c79e559a6075a 6b430e0023c111831bdd16e24f8039dd90c091bf 10c57b3e50bc1fc08d7e6de8562b40c1b0147b98e1ee09290edd2cfcb7375620 HTTP Headers POST /main/main.php HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 539 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=f7iunhspd3ip27hocphqs5pi83 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 12:34:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.24.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 16 Apr 2024 12:34:34 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2796381 expires: Sun, 06 Apr 2025 12:34:34 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0q2j9HP1Sy4rYZ4JllKGCFruxaZcBbOt%2F3U8kz405EDSyLjogP19vdrydnPfaNtOnFkhPgMtao05K43iGilIEpL6LTUxfWeLKfUdmzm4mhlDfnApIwBUmrFXhLuVkH4DK0CaGFJ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 875435d2ac9b712f-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1792594672:1713266999:e2wsbtH7h5z8l9VlnI0af5lGkrl4P9YrKkD-ctXW41s/875435b3ff8756a5/88f7b444b586e9b	104.17.3.184		25 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1792594672:1713266999:e2wsbtH7h5z8l9VlnI0af5lGkrl4P9YrKkD-ctXW41s/875435b3ff8756a5/88f7b444b586e9b IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (22544), with no line terminators Size 25 kB (24815 bytes) Hash 66895228120d3106dff76e987a74b17a 499c1040ee3d3725298ba07de66ba08192dd3c80 27a809bffefce4ce8a65842d0dd0314a7c9a839821d4daafc8fe12c45a57dd81 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1792594672:1713266999:e2wsbtH7h5z8l9VlnI0af5lGkrl4P9YrKkD-ctXW41s/875435b3ff8756a5/88f7b444b586e9b HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/urfrk/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal Content-type: application/x-www-form-urlencoded CF-Challenge: 88f7b444b586e9b Content-Length: 24993 Origin: https://challenges.cloudflare.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Tue, 16 Apr 2024 12:34:30 GMT content-type: text/plain; charset=UTF-8 cf-chl-gen: /hfhcC0M0ch1bBocVige8g9+x7hv1S9U6ywbZkDByMJD49NmvzbWDzN+GEwbjfGl$E2fxF9ho066X69Cyd8OGtw== server: cloudflare cf-ray: 875435bda84456a5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400`

	bc1q3tg7zvzwn752jqr6smnajyj.com/api/v3/auth	193.222.96.166	200 OK	2 B
URL OPTIONS HTTP/1.1 bc1q3tg7zvzwn752jqr6smnajyj.com/api/v3/auth IP 193.222.96.166:443 ASN #203168 Constant MOULIN Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerLet's Encrypt Subjectbc1q3tg7zvzwn752jqr6smnajyj.com Fingerprint4E:54:78:D7:DF:96:6E:80:11:47:40:6F:33:CF:F9:99:B3:89:B6:13 ValiditySat, 24 Feb 2024 20:49:15 GMT - Fri, 24 May 2024 20:49:14 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash e0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 HTTP Headers OPTIONS /api/v3/auth HTTP/1.1 Host: bc1q3tg7zvzwn752jqr6smnajyj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://k3ed.icu/ Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Tue, 16 Apr 2024 12:34:35 GMT server: uvicorn vary: Origin access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-max-age: 600 access-control-allow-credentials: true access-control-allow-origin: https://k3ed.icu access-control-allow-headers: content-type content-length: 2 content-type: text/plain; charset=utf-8`

	bc1q3tg7zvzwn752jqr6smnajyj.com/api/v3/auth	193.222.96.166	200 OK	16 kB
URL OPTIONS HTTP/1.1 bc1q3tg7zvzwn752jqr6smnajyj.com/api/v3/auth IP 193.222.96.166:443 ASN #203168 Constant MOULIN Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerLet's Encrypt Subjectbc1q3tg7zvzwn752jqr6smnajyj.com Fingerprint4E:54:78:D7:DF:96:6E:80:11:47:40:6F:33:CF:F9:99:B3:89:B6:13 ValiditySat, 24 Feb 2024 20:49:15 GMT - Fri, 24 May 2024 20:49:14 GMT File type JSON text data Size 16 kB (16470 bytes) Hash 6ff999422f703c595ef6bec6fa2ff7d7 8c89fd4da3638929a2048a90e1bb6f64120a55c2 9b5ddde076642d8be653aee40de9d3fda4e73376631b607578e175c80009eedc HTTP Headers POST /api/v3/auth HTTP/1.1 Host: bc1q3tg7zvzwn752jqr6smnajyj.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 175 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK date: Tue, 16 Apr 2024 12:34:35 GMT server: uvicorn content-length: 16470 content-type: application/json access-control-allow-origin: * access-control-allow-credentials: true`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	104.17.24.14	200 OK	28 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14:443 ASN #13335 CLOUDFLARENET Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65447) Size 28 kB (27938 bytes) Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e HTTP Headers `GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Tue, 16 Apr 2024 12:34:39 GMT content-type: application/javascript; charset=utf-8 content-length: 27938 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "603e8adc-15d9d" last-modified: Tue, 02 Mar 2021 18:58:36 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2796386 expires: Sun, 06 Apr 2025 12:34:39 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTDsD1CA7DqP3H9ybWZaUAd102t%2FGKG4QKZZ88I0IGci1P401pj0xAytrZId7BMQV3HmSTQR7BN7T727nnSljPbw6%2BJII%2BNw6ErXp9YFyjVgj%2F7ISANEsV0zbV6EalHcjlpj0OVZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 875435f5886956c9-OSL alt-svc: h3=":443"; ma=86400

	aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg	152.199.23.37	200 OK	621 B
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 621 B (621 bytes) Hash 4e48046ce74f4b89d45037c90576bfac 4a41b3b51ed787f7b33294202da72220c7cd2c32 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93 HTTP Headers `GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1932957 cache-control: public, max-age=31536000 content-md5: R2FAVxfpONfnQAuxVxXbHg== content-type: image/svg+xml date: Tue, 16 Apr 2024 12:34:39 GMT etag: 0x8D8852A740F01B9 last-modified: Tue, 10 Nov 2020 03:41:05 GMT server: ECAcc (ska/F695) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 4c2f906d-401e-0037-6c65-7eaa39000000 x-ms-version: 2009-09-19 content-length: 621 X-Firefox-Spdy: h2

	aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css	152.199.23.37	200 OK	20 kB
URL GET HTTP/2 aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type ASCII text, with very long lines (61177) Size 20 kB (19970 bytes) Hash f0e5964f8bbedf73d2d3001623bb663b aadf3504d5e5a93e678487eeb4a63398f2699341 9537f00ca371747a97a2acca388f7b2379a7fa7c59bde18c3d2621c0de8de492 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Moz: prefetch DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1897617 cache-control: public, max-age=31536000 content-md5: 9K2/nGCj75WAmmAI9nZNCA== content-type: text/css date: Tue, 16 Apr 2024 12:34:39 GMT etag: 0x8DA7650B375AC9B last-modified: Thu, 04 Aug 2022 19:37:00 GMT server: ECAcc (ska/F7A0) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 8887ee14-601e-0019-5fb8-7e9917000000 x-ms-version: 2009-09-19 content-length: 19970 X-Firefox-Spdy: h2

	aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg	152.199.23.37	200 OK	1.4 kB
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 1.4 kB (1435 bytes) Hash ee5c8d9fb6248c938fd0dc19370e90bd d01a22720918b781338b5bbf9202b241a5f99ee4 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a HTTP Headers `GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1751252 cache-control: public, max-age=31536000 content-md5: nzaLxFgP7ZB3dfMcaybWzw== content-type: image/svg+xml date: Tue, 16 Apr 2024 12:34:39 GMT etag: 0x8D79A1B9F5E121A last-modified: Thu, 16 Jan 2020 00:32:52 GMT server: ECAcc (ska/F76D) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: a1e45449-701e-0068-210c-804015000000 x-ms-version: 2009-09-19 content-length: 1435 X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css	13.107.246.53	200 OK	20 kB
URL GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type ASCII text, with very long lines (61177) Size 20 kB (19953 bytes) Hash ce26137fc0d9b7d7a0d52ebe3a186512 b9d7fb3fe7d08f46c2d1153bb47b13809375c663 1304c5090f063c677a5b3720fe7b97ef4d9ea102e2bdd837ce399df6057fe385 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 16 Apr 2024 12:34:39 GMT content-type: text/css content-length: 19953 cache-control: public, max-age=31536000 content-encoding: gzip last-modified: Mon, 18 Apr 2022 21:18:26 GMT etag: 0x8DA2180FA29F5AF x-ms-request-id: 7fee1130-201e-0058-3033-8fdebc000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref: 20240416T123439Z-16c87f56bf7lj4dfuz81h69uc8000000020g000000006szk x-fd-int-roxy-purgeid: 4554691 x-cache: TCP_HIT accept-ranges: bytes X-Firefox-Spdy: h2

	aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	152.199.23.37	200 OK	17 kB
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1937657 cache-control: public, max-age=31536000 content-md5: EuPayFgGHQiAI7K9SOL6lg== content-type: image/x-icon date: Tue, 16 Apr 2024 12:34:39 GMT etag: 0x8D8731240E548EB last-modified: Sun, 18 Oct 2020 03:02:30 GMT server: ECAcc (ska/F738) x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 582df77a-301e-0028-1b5a-7e9304000000 x-ms-version: 2009-09-19 content-length: 17174 X-Firefox-Spdy: h2

	aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg	152.199.23.37	200 OK	673 B
URL GET HTTP/2 aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg IP 152.199.23.37:443 ASN #15133 EDGECAST Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerDigiCert Inc Subjectaadcdn.msftauth.net Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 673 B (673 bytes) Hash bc3d32a696895f78c19df6c717586a5d 9191cb156a30a3ed79c44c0a16c95159e8ff689d 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68 HTTP Headers `GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1 Host: aadcdn.msftauth.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding age: 1936888 cache-control: public, max-age=31536000 content-md5: DhdidjYrlCeaRJJRG/y9mA== content-type: image/svg+xml date: Tue, 16 Apr 2024 12:34:39 GMT etag: 0x8D7B007297AE131 last-modified: Wed, 12 Feb 2020 22:01:50 GMT server: ECAcc (ska/F732) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 52d23733-f01e-004c-3a5c-7e7d2e000000 x-ms-version: 2009-09-19 content-length: 673 X-Firefox-Spdy: h2

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D	104.17.3.184		9.1 kB
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP 104.17.3.184:0 ASN #13335 CLOUDFLARENET File type PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Size 9.1 kB (9104 bytes) Hash 862f06bb16740e10c2835e2520e18cf3 fdf1a827620cffdf0018748904e30d077ccea3c1 0c3a8526450b2e900775ce62c1e6b629afd152f70f05711d207a2f6f505bc44a HTTP Headers GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1 Host: challenges.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/urfrk/0x4AAAAAAAW0WK3FVyMLGCYF/auto/normal DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Tue, 16 Apr 2024 12:34:29 GMT content-type: image/png cache-control: max-age=2629800, public server: cloudflare cf-ray: 875435b498d756a5-OSL alt-svc: h3=":443"; ma=86400`

	k3ed.icu/main/main.php	194.5.212.157	200 OK	19 kB
URL User Request POST HTTP/1.1 k3ed.icu/main/main.php IP 194.5.212.157:443 ASN #9009 M247 Europe SRL Certificate IssuerLet's Encrypt Subjectk3ed.icu Fingerprint38:8C:F9:F9:50:CB:2F:02:9C:6D:EE:ED:BE:32:CE:22:DB:AC:19:E4 ValidityFri, 12 Apr 2024 19:50:22 GMT - Thu, 11 Jul 2024 19:50:21 GMT File type HTML document, ASCII text, with very long lines (4198) Size 19 kB (19233 bytes) Hash e11c2acf1ae86fc07f6c79e559a6075a 6b430e0023c111831bdd16e24f8039dd90c091bf 10c57b3e50bc1fc08d7e6de8562b40c1b0147b98e1ee09290edd2cfcb7375620 HTTP Headers POST /main/main.php HTTP/1.1 Host: k3ed.icu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 539 Origin: https://k3ed.icu DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/main/ Cookie: PHPSESSID=f7iunhspd3ip27hocphqs5pi83 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx Date: Tue, 16 Apr 2024 12:34:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=60 Vary: Accept-Encoding X-Powered-By: PHP/5.4.16 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Encoding: gzip`

	outlook.office.com/mail/favicon.ico	52.97.230.162	200 OK	7.9 kB
URL GET HTTP/2 outlook.office.com/mail/favicon.ico IP 52.97.230.162:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://k3ed.icu/main/main.php#pngKjL7ZpUedq2GIFNQfTt2zYJsaDmP2K6N3RV3hPhvfkbY0YPfSiish2UsGhhI1nw5fr8xhq2xKdvKck04DjxUmsn2JFKL3hRjI0QZqSxb62WjmXoZgVUCniE7XpS1HKkpKbpa4WlaZiulfSlvOf8bxNjvdbxUVSkG3JQ7GciFuM1JFmftCoEabXFp9dj55DL8nCg4PzKklL418juKI9UU7AjgNDmTh82FLiJARuUdgZeoiJ91S3VZDegrSDk9MmOxFy8x23Lj2ZIlJRmBUhBywRZoukxgHlOmUWTWZEg1EYmoPJZJ0AiwsiUXCsekN2GHZAEZfV1UToiI7hs7SLEk3zhG1w0PyGxyhcxw7yq0WIJ4ZcbSXQc0puGq0HfznM8EYFb6eB7bjQfj3rc0ho1GTI6UpmuN9Cs8iDewflHzcWTfo5gFuhln0sipONdYpF6HjlezGW8TT18h6oWAGhYGKh6z4jxuZEcjZqSGn1zg2Ix97tKNLIuv0A44UCzUgLefc6Vz8vPadmjkQ38BMC7MdbR8Or24chkpogYwLOGYb0j14rDQ4LDhWvpLWsP9J9y7pxDbmkayktAoVdfZYTgVoGHl8wvRG3Z6BChYXswhV6GQkVPjP6fdMWzVs4N98MgKpxImZfDVlkMGfCZ5IeivaSqDWdM5Z2PpAxLAMpw8JiOZUN4D2n8dfzQcMDhMG6bhEXSrmoA5Go5Bc9ffxosMXiZKVgwCnIT2FLt1937QsdsFnIUU6mH3EGNAWkdk26mHSQJ2TRSm4l1r3Vl9h2dWJ1xGlK0nRn5JdOL6FEtK0ub3pxdHzrDisaYNVZbMmgvz4hGKV9uVEGZ3ddKNEo66z5Uu45hrlN0q4HbZQFVulUyz7jmMIsShxNMCS43eR4EVLQVCvR7RLFqTZNGHfzZNmMqfRttIy8EjYzVur3lcIM6IAMqQlqDId4X4yqM6zrpx1l2sooF7aLQKygAUHeCUjzYR0LXzcn7eJ9G8xlfI75tFm4A4jcYCMXuNJsnWPuazEQHcbXUj3nYpszuLMsoyqSm9kJ5adgJS6q4ioZBrmARP9lAVOYueRQobztlNJ4GQvK8UJKl6lcVvywqmvVAmMZxmtT9dYP3uAcojXJqiWlNuSeQnarKWrhiUbs79haDSn1bkKCDHYqbQF2ePuYLVg3PrvWAN7dFufRP0usHsTTjyVxnqw9lNdbeJ8Pwf3cKi4Aiy201VTkuORRfo0AbeMqXUgtajGVCLvVkyVluOFYDxQSVRt75fx29Owk7cfKXKGiiBDMqjK4QAXMrqUwFryPf49nho8f9OxrqbeRuYVkzT71j1yZt7PJcZ7tofJx4gZvsdmWcihMboNvqlvTskDEjK8H0Rf58eABsXxEgOqsdeXEzsx2NbH7VQPWH41QjBrLzZqPOQh24fGEIeHwpoDleshWwiNQUfBte1j3SB5XQLCzZj5pIJKXb1TIjHydXaHcc0f4Bk2s5E25X8uFReC2fwLzejNbuuoGvDL7XNz3rC9pKE4BSHE8epItJwFd13UwGFDEsdIUPSjzwobp6PylegOXMubNy5keKYTdcC71vrB1PNrWCZhRg6P3A0R85bnQah4mUcopDZrtNSppRGg7N5ao61wcdU3nc7J7j8wX7XqVPQkHwBPkHZIN1fZf92Dmantuv0rCYSyNISvfukzbkhZmwZBG2e3cBxH6x8Jv1hjKaPZE9zQtRPPoOr4RG83hFKodT8IVq2FARFf1f5u6VkuKMzBsHFKnp8AjhjeHmUhdAxePCJVy4qiQZTiHz25ZbFisZx9lsrz2ZNRBxMaBdsrcmKUVMZUYFdqELAZd2yf1m7DTUNv7gWkDGezteurTHSxstxGw5Wys3blXZQ5gNpTuEtXSXpLEhi7LPOhVKPnO1JM1zRhngbRUEOMBeygwQnhGbzCWpZKqIwrioJGFUxAymnaAVq6MOos0X4Wm4HNNef6CYMhTjRsGeCga2nWQLpQIuN5yuSlJ7sl6eDZyvreJ4vT6SQXDfOlJCri7jEQr6cykPxSkZ743CYauP874XtNzU6GeKxFQJeazM3ULbZPNY0iN8pS6TGFOMm2wUImEWxeIB8uM8kz6kSUtiMzbsfZeC2KwK6bHEppfxU1GeBMytH2LtCXWRWauYV1J1cqGBQV9KWPZyCy1jANNcKJ4HTyGPzpQMQwnHswsomrWYZYiAL6NvPSdJrTy0jpM9WaRoHjN3LK2LIlltr9Zh1d0s6ytqYgzUrri8K6cvQfgyBC22M2jNfkgmTKMR1mLsN4ByaO403kzEXBHJE1xUlOgez25ApR3cVFL6tP7xaGc7iTRXUoRgd7uMaAnArrNn7yuAnC8yjkFBdxz8Wqo9yTWJukjVL7jTFOu3qCBJWhlaOUjKlITTCQD6aX2W4lPJajNAVpjSGF3uznfU58OHZrO9oQ5tcVdme0Wapg36V6AvuPqzYehXG575Vdz78MunMqxcHAiDHT8bJzLIO3Gv8NA409b9WFwI63VOEerm8AySakAYngtv44z4eLearKTyOOms3OPbpo3zIDy5U1BY6b3kWhuo2nXQckjf88qywt8f7Gk2IV1O7593nDsp1pfdJysSHSremztugOxZKyORDXV0BnqCNGPxehpWaRbwrF1HtyHe7v5Kt1L4pcGcSvJ6M93X1etsTv9n4RBbmHWPIHT8TAkM54TSeWPfbjI5PRtTJ445M0VvIPDCpYov3hoieeyqxgvm8YgR3lXPlSl4HZH7Y6D1o1kDfS3N9yahwq8AL5q7YLcGLTNJ0qLos51HX4v7DFoa5xKRCaYBWbhH55r5wcuYhwGfBbmeRKoXh9OUjNwgYNY3Sp9oBDmSa38Lfu06fo3xySsRFY8EL6IDvR26vpZFs7rHCrORQRooKQgpOo4AvNe1Eg8aF7Q8fiQRJFIAx7YhXeHMDLm9yAadRioxqeFFxwxgbfQInPZk4H7HsuQ141fWjDtKS9ppFWFRcwAAlzUpg2?cfg=bdordi@westonforest.com Certificate IssuerDigiCert Inc Subjectoutlook.com Fingerprint2C:61:C5:26:BC:9A:1C:E6:BE:6B:92:00:FC:AF:29:2A:23:84:5E:5C ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel Size 7.9 kB (7886 bytes) Hash ac16fa7fc862073b02acd1187fc6def4 f2b9a6255f6293000f30eee272abdd372a14e9d3 e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45 HTTP Headers `GET /mail/favicon.ico HTTP/1.1 Host: outlook.office.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://k3ed.icu/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-length: 7886 content-type: image/x-icon last-modified: Mon, 15 Apr 2024 16:41:28 GMT accept-ranges: bytes etag: "1da8f53c326b2ce" server: Microsoft-IIS/10.0 request-id: 45599a16-19ce-29bc-2eda-646edec40b21 strict-transport-security: max-age=31536000; includeSubDomains; preload alt-svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000 x-preferredroutingkeydiagnostics: 0 x-calculatedfetarget: SV0P279CU001.internal.outlook.com x-calculatedbetarget: SV0P279MB0203.NORP279.PROD.OUTLOOK.COM x-backendhttpstatus: 200, 200 x-besku: GEN6 x-rum-validated: 1 x-rum-notupdatequeriedpath: 1 x-rum-notupdatequerieddbcopy: 1 x-proxy-routingcorrectness: 1 x-proxy-backendserverstatus: 200 x-bepartition: Clique/CLNORP279SVG00 x-feproxyinfo: OL1P279CA0049.NORP279.PROD.OUTLOOK.COM x-feefzinfo: OSL ms-cv: FppZRc4ZvCku2mRu3sQLIQ.1.1 x-firsthopcafeefz: OSL x-powered-by: ASP.NET x-feserver: SV0P279CA0014, OL1P279CA0049 date: Tue, 16 Apr 2024 12:34:33 GMT X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type