Report - ofys.ca/download/tool/VisualiseurDSQ

Report Overview

Visitedpublic

2025-01-30 19:05:39

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
ofys.ca	unknown	2010-11-24	2015-04-14	2022-08-29	512 B	10 MB	208.111.94.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

File detected

URL

ofys.ca/download/tool/VisualiseurDSQ_V5.12.zip

IP / ASN

208.111.94.36

#19515 ORICOM-QUEBEC1

File Overview

File TypeZip archive data, at least v2.0 to extract, compression method=store

Size10 MB (9962769 bytes)

MD5426a5314c1fc9c10f8411d6b40cd0359

SHA10d5a56550ad81fd2c2d3949e1ac88d406975eebd

SHA25646c342ccad9a2690c77fab99e913465a4fb1cd53b4bdb2514db88c8fd2de5bec

Archive (71)

Modified	Filename	Size	MD5	File type
2023-01-11 10:46	LisezMoi 5.11.docx	19 kB	9720bcd3bcee73e9212d06579d63986c	Microsoft Word 2007+
2023-01-11 10:47	LisezMoi 5.11.pdf	309 kB	e39d0c6a818196e65c4a13136239b9e1	PDF document, version 1.5, 2 page(s) (zip deflate encoded)
2019-11-21 11:24	Args.ps1	6.2 kB	33a41bab3132069a6f98d0ce241f982e	ISO-8859 text, with CRLF line terminators
2019-11-21 11:24	Config.ps1	3.0 kB	6500cd3712cc4c52d5bfdf515b8c4202	ISO-8859 text, with CRLF line terminators
2022-05-25 09:29	Constantes.ps1	3.6 kB	f27e70eeb3b755b1399098a39047f1b4	ISO-8859 text, with CRLF line terminators
2022-05-19 10:40	IEIntegration.ps1	14 kB	a78bde31a1773182da49ec8df4577d14	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
2023-09-15 14:16	Install.ps1	16 kB	0378aa74de98c19c85895b7d3c878e69	Unicode text, UTF-8 text, with CRLF line terminators
2021-06-14 10:00	Lib.ps1	85 kB	e9c931243e1d1f522240fe735ffd9251	ISO-8859 text, with CRLF line terminators
2019-11-21 11:24	PostUninstall.ps1	1.6 kB	22f4576c7531b4315c14ac192cb51279	ISO-8859 text, with CRLF line terminators
2019-11-21 11:24	PreUninstall.ps1	2.5 kB	4bd46380f85aecac9fcf0aa1329da983	ISO-8859 text, with CRLF line terminators
2023-09-21 10:05	Uninstall.ps1	3.9 kB	2e94705c016997b6835d84076cc85a5b	Unicode text, UTF-8 text, with CRLF line terminators
2023-09-15 13:10	Variables.ps1	3.0 kB	8daeec251264feff845bc4697e1f469b	Unicode text, UTF-8 text, with CRLF line terminators
2023-09-26 10:33	Infos.txt	263 B	648c5e23f25bb63b817a87dfa741adaf	Unicode text, UTF-8 text, with CRLF line terminators
2019-11-21 11:24	Installation_Visualiseur.cmd	145 B	06182e1bc4d1c0397e8d20872e929624	DOS batch file, ASCII text, with CRLF line terminators
2022-05-25 09:31	ScriptInstall.ps1	21 kB	dc5df2c56cf7f042441b0478159b5212	ISO-8859 text, with CRLF line terminators
2016-08-17 07:37	atl80.dll	96 kB	3c7def3cbbca6284867aa4621d5d8a54	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2016-08-17 07:37	capicom.dll	511 kB	9130cce19b5db3d2e31f9f789263fc4a	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2016-08-17 07:37	crypt32.dll	598 kB	efc958396a7a7ef7e6d4a52b97512e18	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2016-08-17 07:37	CryptoHelper.inf	2.1 kB	a6e7c4d48eae56b9394d6f2711ce4487	Windows setup INFormation
2016-08-17 07:37	CryptoHelperATL.dll	141 kB	3d2b67df122f2c0e461034873f2f75a6	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2016-08-17 07:37	mfc80.dll	1.1 MB	1b7524806d0270b81360c63a2fa047cb	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 4 sections
2016-08-17 07:37	Microsoft.VC80.ATL.manifest	456 B	d5a659b220ec3694c39a3ed33f4637ca	XML 1.0 document, Unicode text, UTF-8 text, with CRLF line terminators
2016-08-17 07:37	Microsoft.VC80.CRT.manifest	1.9 kB	541423a06efdcd4e4554c719061f82cf	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (504), with CRLF line terminators
2016-08-17 07:37	Microsoft.VC80.MFC.manifest	2.4 kB	97b859f11538bbe20f17dfb9c0979a1c	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (504), with CRLF line terminators
2016-08-17 07:37	msvcm80.dll	479 kB	cae6861b19a2a7e5d42fefc4dfdf5ccf	PE32 executable (DLL) (GUI) Intel 80386 Mono/.Net assembly, for MS Windows, 5 sections
2016-08-17 07:37	msvcr80.dll	627 kB	e4fece18310e23b1d8fee993e35e7a6f	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2021-05-12 16:04	AC_emettrice_G3.cer	2.2 kB	272bc25bf1c259a03c1f02edf5c49dd1	Certificate, Version=3
2021-05-18 16:53	AC_emettrice_PARTE_G3.cer	2.2 kB	8d73a73a96017dd2b259042906bb0082	Certificate, Version=3
2016-08-17 07:37	certadm.dll	86 kB	aed39116fe12c5550975043da1d1b244	PE32 executable (DLL) (console) Intel 80386, for MS Windows, 4 sections
2016-08-17 07:37	certutil.exe	569 kB	711db2ef10b6c2ab2080698aec6c6d08	PE32 executable (console) Intel 80386, for MS Windows, 3 sections
2016-08-17 07:37	PKI2015-racineparteG32015.cer	1.4 kB	ff1bd7f3ca10e3390b5b6ec3ae9ecefa	Certificate, Version=3
2016-08-17 07:37	PKI2015-racinesecursanteG32015.cer	1.4 kB	1ff1cbb3a9a9ba481c859ce496a1ce69	Certificate, Version=3
2023-05-12 01:14	FortiToken-FTK300-Minidriver-Setup_x64.msi	3.3 MB	1fb9419674cdbcaf9d85b86ab1210ec2	Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Code page: 1252, Title: Installation Database, Subject: FortiToken Installer, Author: Hypersecu Information Systems Inc, Keywords: Mindriver Installer, Comments: FortiToken is developed by Hypersecu., Template: x64;1033, Revision Number: {A7E0A946-5ACB-407F-A36C-80E8AA30D8BA}, Create Time/Date: Fri May 12 08:00:30 2023, Last Saved Time/Date: Fri May 12 08:00:30 2023, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
2023-08-24 22:16	FortiToken-FTK300-Setup_x64.msi	3.3 MB	069410b20af9cfea9dd405cad3252dd3	Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Code page: 1252, Title: Installation Database, Subject: FortiToken Installer, Author: Hypersecu Information Systems Inc, Keywords: Mindriver Installer, Comments: FortiToken is developed by Hypersecu., Template: x64;1033, Revision Number: {D8AF5215-1D7A-483C-87C3-7CB54087FBFE}, Create Time/Date: Fri Aug 25 01:42:40 2023, Last Saved Time/Date: Fri Aug 25 01:42:40 2023, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.2.4516), Security: 2
2021-02-16 02:03	axaltocm.dll	23 kB	d0334b10bc93a7629b64b207ab74805a	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2021-02-16 02:03	axaltocm_x64.dll	24 kB	ad4006ec753d6cc3c194f7ad23dc380c	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2021-02-16 02:03	SafeNet.Minidriver.IDPrime.cat	12 kB	77ded97b8e31b9e08c5334c377fa8863	DER Encoded PKCS#7 Signed Data
2021-02-16 01:55	SafeNet.Minidriver.IDPrime.inf	43 kB	c057a5df2609401636d9de9d2c1c63f1	Windows setup INFormation
2021-02-16 02:03	SafenetMD.dll	796 kB	e8fea28e0932fc1b46fdce873e4aa8af	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows, 5 sections
2021-02-16 02:03	SafenetMD_x64.dll	950 kB	f04dc9f7db6d5118d2c607cdf74333e4	PE32+ executable (DLL) (GUI) x86-64, for MS Windows, 6 sections
2016-10-17 16:34	GemCCID.cat	11 kB	2a03294119edf2420b9f65bcc06142b1	DER Encoded PKCS#7 Signed Data
2016-10-17 16:29	gemccid.inf	6.9 kB	8a4b3b2cdc241735e98be7681c34ae8d	Windows setup INFormation
2017-06-06 09:59	gemccid.PNF	23 kB	7e3f91246f7a1927a11c9b287d504c86	Windows Precompiled iNF, version 3.1 (Windows Vista-8.1), flags 0x1000083, unicoded, has strings, at 0x4980 "Signature", InfVersionLastWriteTime Mon Oct 17 20:29:42 2016, at 0x60 WinDirPath, LanguageID 40c
2016-10-17 16:35	GemCCID.sys	138 kB	d9dd4df7c7ff10f4dbbb1fc3a0193bb8	PE32+ executable (native) x86-64, for MS Windows, 8 sections
2016-08-17 07:37	GemCCID.pdb	888 kB	25b56cb3ee3fd7f024df91ba1e7f1542	MSVC program database ver 7.00, 1024*867 bytes
2016-10-17 16:34	GemCCID.cat	11 kB	c3cd219380a6be669552e520c2f11781	DER Encoded PKCS#7 Signed Data
2016-10-17 16:29	gemccid.inf	12 kB	7b22ce6b6ca60852b1f716b0090298fa	Windows setup INFormation
2016-10-17 16:35	GemCCID.sys	106 kB	bc918d0a06770b25b083fd045fa18c08	PE32 executable (native) Intel 80386, for MS Windows, 7 sections
2016-08-17 07:37	GemCCID.pdb	1.0 MB	2e1689b448e11f0df9846df6ebe15871	MSVC program database ver 7.00, 1024*987 bytes
2016-08-17 07:37	GemPcCCID_en-us_32.msi	1.2 MB	40c1f130d30c72fa7f26a955cafbe081	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Title: Installation Database, Subject: GemPcCCID Version 2.0.5, Author: Gemalto, Keywords: Installer, Comments: GemPcCCID Installer Version 2.0.5 for Windows 2000 32-bits and next OS releases, Template: Intel;1033, Revision Number: {2BF0728C-3216-4AFB-815F-DEE582A0E9DF}, Create Time/Date: Tue Nov 11 09:49:20 2014, Last Saved Time/Date: Tue Nov 11 09:49:20 2014, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML (3.5.2519.0), Security: 2
2016-08-17 07:37	GemPcCCID_en-us_64.msi	1.6 MB	6a2ce47081a86d2d5ffe9c4406e11d35	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Title: Installation Database, Subject: GemPcCCID Version 2.0.5, Author: Gemalto, Keywords: Installer, Comments: GemPcCCID Installer Version 2.0.5 for Windows XP 64-bits and next OS releases, Template: x64;1033, Revision Number: {98F2DF03-86E4-4B2D-B2FA-96C91F7AFE28}, Create Time/Date: Tue Nov 11 09:51:10 2014, Last Saved Time/Date: Tue Nov 11 09:51:10 2014, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML (3.5.2519.0), Security: 2
2016-08-17 07:37	GemPcCCID_fr-fr_32.msi	1.2 MB	a158cdeb7d3e52fc021da65afb21a33b	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Title: Installation Database, Subject: GemPcCCID Version 2.0.5, Author: Gemalto, Keywords: Installer, Comments: GemPcCCID Installer Version 2.0.5 for Windows 2000 32-bits and next OS releases, Template: Intel;1036, Revision Number: {FDA7B8B2-D518-44B9-BE20-12F86A04D665}, Create Time/Date: Tue Nov 11 09:50:02 2014, Last Saved Time/Date: Tue Nov 11 09:50:02 2014, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML (3.5.2519.0), Security: 2
2016-08-17 07:37	GemPcCCID_fr-fr_64.msi	1.6 MB	bb27922b1511466172ff260b48d62dde	Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, MSI Installer, Code page: 1252, Title: Installation Database, Subject: GemPcCCID Version 2.0.5, Author: Gemalto, Keywords: Installer, Comments: GemPcCCID Installer Version 2.0.5 for Windows XP 64-bits and next OS releases, Template: x64;1036, Revision Number: {29208F50-8174-4D3D-AEC8-CD31AA450D67}, Create Time/Date: Tue Nov 11 09:51:26 2014, Last Saved Time/Date: Tue Nov 11 09:51:26 2014, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML (3.5.2519.0), Security: 2
2016-08-17 07:37	create_shorcut_dsq_labo.vbs	2.8 kB	ac3ad5d9c8b3e9631e523bfbd51cef74	ASCII text, with CRLF line terminators
2016-08-17 07:37	Installation_Visualiseur Labortoire.bat	697 B	7dcace89a3e591e2dc77379c6bfa018a	Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
2016-08-17 07:37	LogoDSQ.ico	370 kB	37a7a5d6599cb4ae7f0f628e0ee37372	MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
2021-10-13 15:38	DSQ Formation.lnk	2.6 kB	05c364b735038fb6c53cd1e1a56ffd6d	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Unicoded, HasExpIcon "%SystemRoot%\System32\LogoDSQ.ico" KnownFolderID 7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E, Archive, ctime=Fri May 21 13:17:07 2021, atime=Tue Oct 12 13:10:58 2021, mtime=Mon Oct 11 07:23:31 2021, length=3379608, window=normal, IDListSize 0x0231, Root folder "20D04FE0-3AEA-1069-A2D8-08002B30309D", Volume "C:\", LocalBasePath "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
2021-10-13 15:37	DSQ Production.lnk	2.6 kB	ee68da29f3975da7739aac61b6d58366	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Unicoded, HasExpIcon "%SystemRoot%\System32\LogoDSQ.ico", MachineID p901610q KnownFolderID 7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E, Archive, ctime=Fri May 21 13:17:07 2021, atime=Tue Oct 12 13:10:58 2021, mtime=Mon Oct 11 07:23:31 2021, length=3379608, window=normal, IDListSize 0x0231, Root folder "20D04FE0-3AEA-1069-A2D8-08002B30309D", Volume "C:\", LocalBasePath "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
2016-08-17 07:37	Portail libre-service.rdp	2.5 kB	18dc9cd795948a641deb507a297f4f89	Unicode text, UTF-16, little-endian text, with CRLF line terminators
2016-08-17 07:37	ActiveX_x64.reg	5.7 kB	dcc288ecd084e212a056bc26f969cc95	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	IE10_SiteDeConfiance_x64.reg	626 B	2aeff6e77947502a84c37e7f1d31e08e	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	IE10_SiteDeConfiance_x86.reg	740 B	ff662250e524054713fa1ebf22dced49	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	IE11_SiteDeConfiance_Win8.1_x64.reg	7.2 kB	22f3a6f51da4c1e38c7bfdf3a9cdcbdf	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	IE11_SiteDeConfiance_x64.reg	4.5 kB	9c455ac7f3ca6e6eb81986bb661b4991	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	IE11_SiteDeConfiance_x86.reg	2.7 kB	c2d3b55b93610c8ca755fb9ee94519c7	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	IE9_CompatibilityView_x64.reg	12 kB	d02e5dd0d46c64497d83cfc7f8044057	Unicode text, UTF-16, little-endian text, with CRLF line terminators
2016-08-17 07:37	IE9_CompatibilityView_x86.reg	12 kB	d02e5dd0d46c64497d83cfc7f8044057	Unicode text, UTF-16, little-endian text, with CRLF line terminators
2016-08-17 07:37	ModuleUsage_x64.reg	8.6 kB	548d0cacd1488f29a6395133bc847033	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	TrustedSites_x64.reg	1.5 kB	8ec390833fa4668490c1fafb9d264f07	Windows Registry little-endian text (Win2K or above)
2017-08-01 14:42	TrustedSites_x86.reg	834 B	98c7c796995a497609d61841d1bc2cff	Windows Registry little-endian text (Win2K or above)
2016-08-17 07:37	TrustedSites_x86.reg.temp	736 B	742c8d6d7d4b4bae9a7e0b5b747102e3	Windows Registry little-endian text (Win2K or above)

Detections

Analyzer	Verdict	Alert
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	Detect pe file that no import table
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
YARAhub by abuse.ch	malware	files - file ~tmp01925d3f.exe
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.
Public InfoSec YARA rules	malware	Identifies download artefacts in shortcut (LNK) files.
Public InfoSec YARA rules	malware	Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path.
Public InfoSec YARA rules	malware	Identifies executable artefacts in shortcut (LNK) files.
Public InfoSec YARA rules	malware	Identifies download artefacts in shortcut (LNK) files.
Public InfoSec YARA rules	malware	Identifies shortcut (LNK) file with a long relative path. Might be used in an attempt to hide the path.

JavaScript (0)

HTTP Transactions (1)

URL IP Response Size

	URL	IP	Response	Size
	GET ofys.ca/download/tool/VisualiseurDSQ_V5.12.zip	208.111.94.36	200 OK	10 MB
URL ofys.ca/download/tool/VisualiseurDSQ_V5.12.zip IP / ASN 208.111.94.36 #19515 ORICOM-QUEBEC1 Requested byN/A Resource Info File typeZip archive data, at least v2.0 to extract, compression method=store First Seen2025-01-30 Last Seen2025-01-30 Times Seen1 Size10 MB (9962769 bytes) MD5426a5314c1fc9c10f8411d6b40cd0359 SHA10d5a56550ad81fd2c2d3949e1ac88d406975eebd SHA25646c342ccad9a2690c77fab99e913465a4fb1cd53b4bdb2514db88c8fd2de5bec Certificate Info IssuerSectigo Limited Subjectofys.ca FingerprintB7:6E:D4:46:C4:AB:45:E0:BE:39:84:20:43:FE:ED:4A:61:38:23:E7 ValidityTue, 11 Jun 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT HTTP Headers `GET /download/tool/VisualiseurDSQ_V5.12.zip HTTP/1.1 Host: ofys.ca User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK date: Thu, 30 Jan 2025 19:05:06 GMT last-modified: Wed, 18 Oct 2023 20:08:49 GMT etag: "980511-60803351abd63" accept-ranges: bytes content-length: 9962769 content-type: application/zip x-frame-options: SAMEORIGIN x-xss-protection: : 1 x-content-type-options: : nosniff strict-transport-security: max-age=31536000;includeSubDomains;preload referrer-policy: no-referrer-when-downgrade set-cookie: SERVERID=ServerOfys1; path=/; HttpOnly; Secure; SameSite=strict cache-control: private`

GET ofys.ca/download/tool/VisualiseurDSQ_V5.12.zip

208.111.94.36

200 OK

10 MB

URL

ofys.ca/download/tool/VisualiseurDSQ_V5.12.zip

IP / ASN

208.111.94.36

#19515 ORICOM-QUEBEC1

Requested byN/A

Resource Info

File typeZip archive data, at least v2.0 to extract, compression method=store

First Seen2025-01-30

Last Seen2025-01-30

Times Seen1

Size10 MB (9962769 bytes)

MD5426a5314c1fc9c10f8411d6b40cd0359

SHA10d5a56550ad81fd2c2d3949e1ac88d406975eebd

SHA25646c342ccad9a2690c77fab99e913465a4fb1cd53b4bdb2514db88c8fd2de5bec

Certificate Info

IssuerSectigo Limited

Subjectofys.ca

FingerprintB7:6E:D4:46:C4:AB:45:E0:BE:39:84:20:43:FE:ED:4A:61:38:23:E7

ValidityTue, 11 Jun 2024 00:00:00 GMT - Thu, 03 Jul 2025 23:59:59 GMT

HTTP Headers

GET /download/tool/VisualiseurDSQ_V5.12.zip HTTP/1.1
Host: ofys.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Thu, 30 Jan 2025 19:05:06 GMT
last-modified: Wed, 18 Oct 2023 20:08:49 GMT
etag: "980511-60803351abd63"
accept-ranges: bytes
content-length: 9962769
content-type: application/zip
x-frame-options: SAMEORIGIN
x-xss-protection: : 1
x-content-type-options: : nosniff
strict-transport-security: max-age=31536000;includeSubDomains;preload
referrer-policy: no-referrer-when-downgrade
set-cookie: SERVERID=ServerOfys1; path=/; HttpOnly; Secure; SameSite=strict
cache-control: private