8.8.8.8:53

195.130.217.73:443

GET /s/yVTwCRoARF0QMXDU9hFZf?domain=mediafire.com HTTP/1.1
Host: url.uk.m.mimecastprotect.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 307 Temporary Redirect
Date: Thu, 18 Apr 2024 10:38:59 GMT
Content-Length: 0
Connection: keep-alive
Location: https://url.uk.m.mimecastprotect.com/r/SkY87F6eDFFuRzFD5cxU0zxTXFQ0JJ6WtHph_ZX8vNdmvUMCJsa_5WHUaQqLvMNsMPAKCRFmYwh6N1YYTF0pzkqPjDPesszv7yO9oouwMRe5Ozl10ecE__tDd26vhdEtNbyQOrl4AhwvIUCGVKEvSGjJIoG0X7fuBr74ciHDnfWDJnwV6QFLDaODOEljrhEWRluyNIV_cAmtSNi53DdCgfgG6cIwWe6YOpXVlyG2cINRSmwwFunvxBzyONPa2-_vNacvNlaTA9FrrgcHtw_h52w39oLikPJ4uPlIFB1n7Xcksh4i6_B0qrYOgAvHvl4srrtfDBU9mqIEd--Sl3W0qmkPR1pGFANjjKVrqs_CRkf8XecxbEuXuijVcPr0-Q6MJsdw0CYFzecrlmZJbp6DXlZodz870LVW0WFyZn61322U91HEmxB93RN9gWvFn8XKL8cvz999AIEFI5qezxAIhnkL0mr5vyUbPHtsoXxnAV6TfUlGqpwGr_cFeOpErvxGFdOCE0LI2g0yYQ26tx6-lWwP2NZnwLR9BqsxVEuAZfL9nU6Ia140lJy5siEJYwQ-kyhooaovXf6ct21cnWg2cdT2LiibL9IqOavDV9oEcqSRWgVTYRlj3H4XDt2yXnYfDm10IxqXrTh5R9ilsneALxGFDpzQ5HUcWL9xnLewlDUBXN3b6j7HytjuIYQISF9g64UrItugs-Caph_HGMJvoK7q8wKG-C9E28zY2kkxsqn_VOZ1f501aKLfM2A-A06kizQQ7Qk-QleLA8FxdNYiPiOAMxlgPifq0TREWALz9UlQ3GVlDQEsdKr7Pk0VKdioIW6oW8q7xpld_VpJecn4fM9e94vmJZ6eglQH4X2EqjTcOWkUmUSZczz1O9i5kQgDiRh3MP1MPJmAhhfSEBVJPfLADxmI05x8Slv9S-sNwBpiPSLMEJmG3_bQZXpMgSolL_6vWTNXus0-xfwXaXewZI-eRPuCbA0ANbKo2dpdVsrjfQwHSDNjXJ1wVYAQxEwQ1j4GtLINTGWV1FAJInRe3IF7efiF7IEXRK-_7o_XyA8Z7KAfGUF9K_QFvUepHu7xEIF99pbnwYun6WPLp55MnxK3V-i6ms9vSIWIIjfhnq2kOAjROClXwZ_Ja5amHrmltBN0sZiLCoy8AYpGyG5_fIVjbPlDnS-gSGy2XNAPoXCq4dBmaPxU_dvF0AQ8v47RZisBudkxDmGIxLnyrKcaNfSuu_VGp1FjbP4jTw4ytI3f2w6dMEutVRWjw3V1N9GMYQR_kdp4Oa6r75HskcwmEYxzjfp6T61EgNWO4o9mo6JLQOULeozRkxKeyfNkahtuMWCtAj99N-C9A8vAcNC7OR7eqyGjiG7duCe7GCySwfhGIjky8YFEO2AreyycPrQp6w95cbBXRY9TlvOxZJ615HzcAF-6TksZgN7R_rGyclwngeIN7dXdi2gEmdLHBf8GWOVCA53Cw3rlJXdHC7UQIY6SNXAtLCa5A4hyMl-37eADLw1e9dfW6N3UwWFJwHB9spx2fNTzi2g3inIT6d6MZDMCFon2yrBz3UT8txYp24kOZ6LqaPJz-856Uu97OiUzMHClcZBPVpNIg9T1UIRaGHeK318Fh8SPqGXCkChTcCwxmntaSjntD_pmtWwt6pYQVU9Q5gFF8aEbeoA491rXlH9syBzbUMzpfjjgzZEQu3XzKnYK1Kk6U0kodl8N7-yZ55kO3cvX7OiG9NaQWQvHetm0ZXlsORfHES7yjK957ld1rZkTCF5S4_SJQjg-gZyh8n9XIrnynlo5631O-Ii1fWqOhcicA_0iQOqLSDTOT2gBemJH8yyf_ubA-_7u1RsVy140IkLxpAGmiQubHtGZsrwBKVfqtOI2GTwcDZ2_fvAC5SfXi3gdcOJKg6NlPkAZtkX-2LwdoFH57h6MjcnZnhUPhpq2PZw4tut7HB1nwkyu18Apzr-eE8kb-xZVj_ciIFIJDdlbb4TRLO4TYDrgnSbojb182ZJkFdqtJKILO9PUDAK6bDSXWzh0JFp2JlbwJy9Hbkw8o20aN5jGpgPXpCCKo0UgmxAh2dzqHNDdjJNhOuR3fs-lTP8bPVX-qEUM__5Kprgsvpnc9fHlp2BM5A
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow

195.130.217.73:443

GET /r/SkY87F6eDFFuRzFD5cxU0zxTXFQ0JJ6WtHph_ZX8vNdmvUMCJsa_5WHUaQqLvMNsMPAKCRFmYwh6N1YYTF0pzkqPjDPesszv7yO9oouwMRe5Ozl10ecE__tDd26vhdEtNbyQOrl4AhwvIUCGVKEvSGjJIoG0X7fuBr74ciHDnfWDJnwV6QFLDaODOEljrhEWRluyNIV_cAmtSNi53DdCgfgG6cIwWe6YOpXVlyG2cINRSmwwFunvxBzyONPa2-_vNacvNlaTA9FrrgcHtw_h52w39oLikPJ4uPlIFB1n7Xcksh4i6_B0qrYOgAvHvl4srrtfDBU9mqIEd--Sl3W0qmkPR1pGFANjjKVrqs_CRkf8XecxbEuXuijVcPr0-Q6MJsdw0CYFzecrlmZJbp6DXlZodz870LVW0WFyZn61322U91HEmxB93RN9gWvFn8XKL8cvz999AIEFI5qezxAIhnkL0mr5vyUbPHtsoXxnAV6TfUlGqpwGr_cFeOpErvxGFdOCE0LI2g0yYQ26tx6-lWwP2NZnwLR9BqsxVEuAZfL9nU6Ia140lJy5siEJYwQ-kyhooaovXf6ct21cnWg2cdT2LiibL9IqOavDV9oEcqSRWgVTYRlj3H4XDt2yXnYfDm10IxqXrTh5R9ilsneALxGFDpzQ5HUcWL9xnLewlDUBXN3b6j7HytjuIYQISF9g64UrItugs-Caph_HGMJvoK7q8wKG-C9E28zY2kkxsqn_VOZ1f501aKLfM2A-A06kizQQ7Qk-QleLA8FxdNYiPiOAMxlgPifq0TREWALz9UlQ3GVlDQEsdKr7Pk0VKdioIW6oW8q7xpld_VpJecn4fM9e94vmJZ6eglQH4X2EqjTcOWkUmUSZczz1O9i5kQgDiRh3MP1MPJmAhhfSEBVJPfLADxmI05x8Slv9S-sNwBpiPSLMEJmG3_bQZXpMgSolL_6vWTNXus0-xfwXaXewZI-eRPuCbA0ANbKo2dpdVsrjfQwHSDNjXJ1wVYAQxEwQ1j4GtLINTGWV1FAJInRe3IF7efiF7IEXRK-_7o_XyA8Z7KAfGUF9K_QFvUepHu7xEIF99pbnwYun6WPLp55MnxK3V-i6ms9vSIWIIjfhnq2kOAjROClXwZ_Ja5amHrmltBN0sZiLCoy8AYpGyG5_fIVjbPlDnS-gSGy2XNAPoXCq4dBmaPxU_dvF0AQ8v47RZisBudkxDmGIxLnyrKcaNfSuu_VGp1FjbP4jTw4ytI3f2w6dMEutVRWjw3V1N9GMYQR_kdp4Oa6r75HskcwmEYxzjfp6T61EgNWO4o9mo6JLQOULeozRkxKeyfNkahtuMWCtAj99N-C9A8vAcNC7OR7eqyGjiG7duCe7GCySwfhGIjky8YFEO2AreyycPrQp6w95cbBXRY9TlvOxZJ615HzcAF-6TksZgN7R_rGyclwngeIN7dXdi2gEmdLHBf8GWOVCA53Cw3rlJXdHC7UQIY6SNXAtLCa5A4hyMl-37eADLw1e9dfW6N3UwWFJwHB9spx2fNTzi2g3inIT6d6MZDMCFon2yrBz3UT8txYp24kOZ6LqaPJz-856Uu97OiUzMHClcZBPVpNIg9T1UIRaGHeK318Fh8SPqGXCkChTcCwxmntaSjntD_pmtWwt6pYQVU9Q5gFF8aEbeoA491rXlH9syBzbUMzpfjjgzZEQu3XzKnYK1Kk6U0kodl8N7-yZ55kO3cvX7OiG9NaQWQvHetm0ZXlsORfHES7yjK957ld1rZkTCF5S4_SJQjg-gZyh8n9XIrnynlo5631O-Ii1fWqOhcicA_0iQOqLSDTOT2gBemJH8yyf_ubA-_7u1RsVy140IkLxpAGmiQubHtGZsrwBKVfqtOI2GTwcDZ2_fvAC5SfXi3gdcOJKg6NlPkAZtkX-2LwdoFH57h6MjcnZnhUPhpq2PZw4tut7HB1nwkyu18Apzr-eE8kb-xZVj_ciIFIJDdlbb4TRLO4TYDrgnSbojb182ZJkFdqtJKILO9PUDAK6bDSXWzh0JFp2JlbwJy9Hbkw8o20aN5jGpgPXpCCKo0UgmxAh2dzqHNDdjJNhOuR3fs-lTP8bPVX-qEUM__5Kprgsvpnc9fHlp2BM5A HTTP/1.1
Host: url.uk.m.mimecastprotect.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 307 Temporary Redirect
Date: Thu, 18 Apr 2024 10:38:59 GMT
Content-Length: 0
Connection: keep-alive
Location: https://security-eu.mimecast.com/ttpwp?tkn=3.IgIJwAPH2qSob67Wa5Pjp3ciVyXrdWoKJsAYKGW9WJ25rbWtmvvqbn7sY1H2IXhvx1W87cBaAu1PWrjL-h3hc5tYmRGpZzHHt-p62jYINOTvMfAOAcgM3HFVMFoWKmzdgFeEEcqB5jAcitt-ymNigaAVaglX2mYNQ_WZb5Z1hN4.XPEw6l2Xhtb5yrYYw3r2BQ#/block?key=FMWZsInTJb8itXEirpbm5ezep_XoBCsVtjsCZHjekBuIlHHO8Di8VmD_oCUEQ636imCIZiVkN2pLW_bey0WGObWoHg2jVj3cYujL9PXaBrM
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

195.130.217.78:443

GET /ttpwp?tkn=3.IgIJwAPH2qSob67Wa5Pjp3ciVyXrdWoKJsAYKGW9WJ25rbWtmvvqbn7sY1H2IXhvx1W87cBaAu1PWrjL-h3hc5tYmRGpZzHHt-p62jYINOTvMfAOAcgM3HFVMFoWKmzdgFeEEcqB5jAcitt-ymNigaAVaglX2mYNQ_WZb5Z1hN4.XPEw6l2Xhtb5yrYYw3r2BQ HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
ETag: W/"1692-RJnKgcPpsS8iLJ4Rv1eE6epHkfc"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:38:59 GMT
Connection: keep-alive
Transfer-Encoding: chunked

195.130.217.78:443

GET /branding/b27414d05a9c6cd47862ee8f13bc9c27616f5df2/style.css?tkn=3.IgIJwAPH2qSob67Wa5Pjp3ciVyXrdWoKJsAYKGW9WJ25rbWtmvvqbn7sY1H2IXhvx1W87cBaAu1PWrjL-h3hc5tYmRGpZzHHt-p62jYINOTvMfAOAcgM3HFVMFoWKmzdgFeEEcqB5jAcitt-ymNigaAVaglX2mYNQ_WZb5Z1hN4.XPEw6l2Xhtb5yrYYw3r2BQ&originalContextPath=ttpwp HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: public, max-age=1209600000
Accept-Ranges: bytes
Last-Modified: Wed, 20 Mar 2024 00:36:18 GMT
ETag: W/"1147-18e5949963c"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:38:59 GMT
Connection: keep-alive
Transfer-Encoding: chunked

195.130.217.78:443

GET /ttpwp/resources/polyfills.5257ca6e429949972959.js HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"1743c-18d89b1f630"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:38:59 GMT
Connection: keep-alive
Transfer-Encoding: chunked

195.130.217.78:443

GET /branding/b27414d05a9c6cd47862ee8f13bc9c27616f5df2/main-page-logo.png?tkn=3.IgIJwAPH2qSob67Wa5Pjp3ciVyXrdWoKJsAYKGW9WJ25rbWtmvvqbn7sY1H2IXhvx1W87cBaAu1PWrjL-h3hc5tYmRGpZzHHt-p62jYINOTvMfAOAcgM3HFVMFoWKmzdgFeEEcqB5jAcitt-ymNigaAVaglX2mYNQ_WZb5Z1hN4.XPEw6l2Xhtb5yrYYw3r2BQ&originalContextPath=ttpwp HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: public, max-age=1209600000
Accept-Ranges: bytes
Last-Modified: Wed, 20 Mar 2024 00:36:18 GMT
ETag: W/"f0a-18e594996b3"
Content-Type: image/png
Content-Length: 3850
Date: Thu, 18 Apr 2024 10:39:00 GMT
Connection: keep-alive

195.130.217.78:443

GET /ttpwp/resources/fa-solid-900.54dfc8f551be346014e4.woff2 HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://security-eu.mimecast.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"21790-18d89b1f630"
Content-Type: font/woff2
Content-Length: 137104
Date: Thu, 18 Apr 2024 10:39:00 GMT
Connection: keep-alive

195.130.217.78:443

GET /ttpwp/resources/images/favicon.ico HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"47e-18d89b1f630"
Content-Type: image/x-icon
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:39:00 GMT
Connection: keep-alive
Transfer-Encoding: chunked

195.130.217.78:443

GET /ttpwp/resources/runtime.5257ca6e429949972959.js HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"5d4-18d89b1f630"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:38:59 GMT
Connection: keep-alive
Transfer-Encoding: chunked

195.130.217.78:443

GET /ttpwp/resources/styles.5257ca6e429949972959.js HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"6434f-18d89b1f630"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:38:59 GMT
Connection: keep-alive
Transfer-Encoding: chunked

195.130.217.78:443

POST /api/ttp/url/get-page-data HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
Content-Length: 152
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Accept: application/json, text/plain, */*
DNT: 1
x-context-route: ttpwp
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/json
Origin: https://security-eu.mimecast.com
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
date: Thu, 18 Apr 2024 10:39:00 GMT
content-type: application/json; charset=UTF-8
connection: close
cache-control: no-store
pragma: no-cache
X-Robots-Tag: noindex, nofollow
content-encoding: gzip
trailer: Content-MD5
x-mc-req-id: 65872419-a1f8-4ffb-b79d-f9cba10b50f6
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Length: 175
ETag: W/"af-QD63+4w8MZNzIMKUVTAxmgZpLMU"

195.130.217.78:443

GET /ttpwp/resources/images/mimecastlogo@2x.png HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"ade-18d89b1f630"
Content-Type: image/png
Content-Length: 2782
Date: Thu, 18 Apr 2024 10:39:00 GMT
Connection: keep-alive

195.130.217.78:443

GET /ttpwp/resources/mimecast-icons.bb1a2cd16db9345fc437.woff2?25417273 HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Origin: https://security-eu.mimecast.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"92e8-18d89b1f630"
Content-Type: font/woff2
Content-Length: 37608
Date: Thu, 18 Apr 2024 10:39:00 GMT
Connection: keep-alive

195.130.217.78:443

GET /ttpwp/resources/main.5257ca6e429949972959.js HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"fe6a4-18d89b1f630"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:39:00 GMT
Connection: keep-alive
Transfer-Encoding: chunked

195.130.217.78:443

GET /ttpwp/resources/languages/en.json HTTP/1.1
Host: security-eu.mimecast.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
Accept: application/json, text/plain, */*
DNT: 1
x-context-route: ttpwp
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type: application/json
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 08 Feb 2024 17:09:18 GMT
ETag: W/"4300-18d89b1f630"
Content-Type: application/json; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 18 Apr 2024 10:39:00 GMT
Connection: keep-alive
Transfer-Encoding: chunked

8.8.8.8:53

8.8.8.8:53

204.79.197.237:443

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=d5074bce810949fdabea2842c29667c7&localId=w:6B64A61F-3845-A817-60EE-6065BD62B10E&deviceId=6825832441214664&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3B7F9B5426E0696115EE8F31270068F2; domain=.bing.com; expires=Tue, 13-May-2025 10:39:00 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81CE1683FBB24DBAA874C9A836AEB538 Ref B: LON04EDGE1205 Ref C: 2024-04-18T10:39:00Z
date: Thu, 18 Apr 2024 10:38:59 GMT

204.79.197.237:443

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=d5074bce810949fdabea2842c29667c7&localId=w:6B64A61F-3845-A817-60EE-6065BD62B10E&deviceId=6825832441214664&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3B7F9B5426E0696115EE8F31270068F2

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=GkVS5hlgnIjh9AqiGXna4gKmAgJmXsCpo2xpi9UsBBY; domain=.bing.com; expires=Tue, 13-May-2025 10:39:00 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 54C59F1987AF4419B8F284F04B4D056C Ref B: LON04EDGE1205 Ref C: 2024-04-18T10:39:00Z
date: Thu, 18 Apr 2024 10:39:00 GMT

204.79.197.237:443

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=d5074bce810949fdabea2842c29667c7&localId=w:6B64A61F-3845-A817-60EE-6065BD62B10E&deviceId=6825832441214664&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3B7F9B5426E0696115EE8F31270068F2; MSPTC=GkVS5hlgnIjh9AqiGXna4gKmAgJmXsCpo2xpi9UsBBY

HTTP/2.0 204
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 229989274B9D428694156D9129C92B58 Ref B: LON04EDGE1205 Ref C: 2024-04-18T10:39:00Z
date: Thu, 18 Apr 2024 10:39:00 GMT

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53