hxxps://doportal[.]documentmailbox[.]com/RedirectTarget[.]aspx?Action=EmailRedirect&BrandingID=ConEdison&IdToken=4D0C767D-6C2F-11EB-812C-1C98EC1A1CCA&CheckSum=09205b8aVN92kl1vdHb01e516f6&TargetUrl=hxxps://dynamictech[.]co[.]ke/g63b/Acfn/98676/#?email=Y2ZvQGFjZm4uY29tDQ==

Analysis

max time kernel
40s
max time network
37s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
22/08/2024, 16:17 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://doportal.documentmailbox.com/RedirectTarget.aspx?Action=EmailRedirect&BrandingID=ConEdison&IdToken=4D0C767D-6C2F-11EB-812C-1C98EC1A1CCA&CheckSum=09205b8aVN92kl1vdHb01e516f6&TargetUrl=https://dynamictech.co.ke/g63b/Acfn/98676/#?email=Y2ZvQGFjZm4uY29tDQ==

Score

5^/10

microsoft discovery phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
544	msedge.exe
544	msedge.exe
880	msedge.exe
880	msedge.exe
888	identity_helper.exe
888	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe
880	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 880 wrote to memory of 4088	880	msedge.exe	84
PID 880 wrote to memory of 4088	880	msedge.exe	84
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 1504	880	msedge.exe	85
PID 880 wrote to memory of 544	880	msedge.exe	86
PID 880 wrote to memory of 544	880	msedge.exe	86
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87
PID 880 wrote to memory of 2612	880	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://doportal.documentmailbox.com/RedirectTarget.aspx?Action=EmailRedirect&BrandingID=ConEdison&IdToken=4D0C767D-6C2F-11EB-812C-1C98EC1A1CCA&CheckSum=09205b8aVN92kl1vdHb01e516f6&TargetUrl=https://dynamictech.co.ke/g63b/Acfn/98676/#?email=Y2ZvQGFjZm4uY29tDQ==
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff90a0446f8,0x7ff90a044708,0x7ff90a044718
  2⤵
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2
  2⤵
  PID:1504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2228 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2816 /prefetch:8
  2⤵
  PID:2612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
  2⤵
  PID:1100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4200 /prefetch:1
  2⤵
  PID:2576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1
  2⤵
  PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4036 /prefetch:1
  2⤵
  PID:812
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8
  2⤵
  PID:3616
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5648 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1
  2⤵
  PID:516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:3224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4156 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4933913048675861145,1380306964196710469,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:1140

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4764

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1416

Network

DNS

doportal.documentmailbox.com

msedge.exe

Remote address:

8.8.8.8:53

Request

doportal.documentmailbox.com

IN A

Response

doportal.documentmailbox.com

IN A

167.212.17.236
DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
GET

https://doportal.documentmailbox.com/RedirectTarget.aspx?Action=EmailRedirect&BrandingID=ConEdison&IdToken=4D0C767D-6C2F-11EB-812C-1C98EC1A1CCA&CheckSum=09205b8aVN92kl1vdHb01e516f6&TargetUrl=https://dynamictech.co.ke/g63b/Acfn/98676/

msedge.exe

Remote address:

167.212.17.236:443

Request

GET /RedirectTarget.aspx?Action=EmailRedirect&BrandingID=ConEdison&IdToken=4D0C767D-6C2F-11EB-812C-1C98EC1A1CCA&CheckSum=09205b8aVN92kl1vdHb01e516f6&TargetUrl=https://dynamictech.co.ke/g63b/Acfn/98676/ HTTP/1.1
Host: doportal.documentmailbox.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Cache-Control: private
Content-Type: text/html
Location: https://dynamictech.co.ke/g63b/Acfn/98676/
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Date: Thu, 22 Aug 2024 16:17:53 GMT
Connection: close
DNS

dynamictech.co.ke

msedge.exe

Remote address:

8.8.8.8:53

Request

dynamictech.co.ke

IN A

Response

dynamictech.co.ke

IN A

192.185.171.234
DNS

23.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.159.190.20.in-addr.arpa

IN PTR

Response
DNS

73.144.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.144.22.2.in-addr.arpa

IN PTR

Response

73.144.22.2.in-addr.arpa

IN PTR

a2-22-144-73deploystaticakamaitechnologiescom
DNS

236.17.212.167.in-addr.arpa

Remote address:

8.8.8.8:53

Request

236.17.212.167.in-addr.arpa

IN PTR

Response
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.ax-0001.ax-msedge.net

g-bing-com.ax-0001.ax-msedge.net

IN CNAME

ax-0001.ax-msedge.net

ax-0001.ax-msedge.net

IN A

150.171.28.10

ax-0001.ax-msedge.net

IN A

150.171.27.10
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid=

Remote address:

150.171.28.10:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3B5B75E1C16C699C1BE56102C08C6849; domain=.bing.com; expires=Tue, 16-Sep-2025 16:17:54 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E22A87BA8E644C5C85FB4D1730609BFC Ref B: LON04EDGE1219 Ref C: 2024-08-22T16:17:54Z
date: Thu, 22 Aug 2024 16:17:53 GMT
GET

https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid=

Remote address:

150.171.28.10:443

Request

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3B5B75E1C16C699C1BE56102C08C6849

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=_HCReb928iMpwOjx7m_-X2UZknFQ16cXWMv0TU-5LXo; domain=.bing.com; expires=Tue, 16-Sep-2025 16:17:54 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F2F39763EB742C284DB7691FAA763A3 Ref B: LON04EDGE1219 Ref C: 2024-08-22T16:17:54Z
date: Thu, 22 Aug 2024 16:17:53 GMT
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid=

Remote address:

150.171.28.10:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=3B5B75E1C16C699C1BE56102C08C6849; MSPTC=_HCReb928iMpwOjx7m_-X2UZknFQ16cXWMv0TU-5LXo

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A53A2E47896E472FA3800D4275503C7A Ref B: LON04EDGE1219 Ref C: 2024-08-22T16:17:54Z
date: Thu, 22 Aug 2024 16:17:53 GMT
GET

https://dynamictech.co.ke/g63b/Acfn/98676/

msedge.exe

Remote address:

192.185.171.234:443

Request

GET /g63b/Acfn/98676/ HTTP/2.0
host: dynamictech.co.ke
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

vary: Accept-Encoding
content-encoding: gzip
content-length: 182
content-type: text/html; charset=UTF-8
date: Thu, 22 Aug 2024 16:17:54 GMT
server: Apache
GET

https://dynamictech.co.ke/0/index.xml

msedge.exe

Remote address:

192.185.171.234:443

Request

GET /0/index.xml HTTP/2.0
host: dynamictech.co.ke
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://dynamictech.co.ke/g63b/Acfn/98676/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Wed, 03 Jul 2024 18:06:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 113
content-type: application/xml
date: Thu, 22 Aug 2024 16:17:54 GMT
server: Apache
GET

https://dynamictech.co.ke/0/index.xslt

msedge.exe

Remote address:

192.185.171.234:443

Request

GET /0/index.xslt HTTP/2.0
host: dynamictech.co.ke
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: text/css,*/*;q=0.1
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: xslt
referer: https://dynamictech.co.ke/0/index.xml
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Thu, 22 Aug 2024 13:19:26 GMT
accept-ranges: bytes
content-length: 1826
content-type: application/xslt+xml
date: Thu, 22 Aug 2024 16:17:55 GMT
server: Apache
GET

https://dynamictech.co.ke/favicon.ico

msedge.exe

Remote address:

192.185.171.234:443

Request

GET /favicon.ico HTTP/2.0
host: dynamictech.co.ke
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://dynamictech.co.ke/0/index.xml
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

234.171.185.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.171.185.192.in-addr.arpa

IN PTR

Response

234.171.185.192.in-addr.arpa

IN PTR

192-185-171-234unifiedlayercom
DNS

fsbtv.contempi.su

msedge.exe

Remote address:

8.8.8.8:53

Request

fsbtv.contempi.su

IN A

Response

fsbtv.contempi.su

IN A

104.21.55.27

fsbtv.contempi.su

IN A

172.67.144.37
GET

https://fsbtv.contempi.su/DJuy2C6F/

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /DJuy2C6F/ HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://dynamictech.co.ke/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:56 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MfLz4%2BaLxOiP%2FgDeZadQhqffukf%2BPB%2Fi%2BfxFy5Do%2FJEOOOvXPiXTBcxl7ZeE4bcNFbEpxvEuOjyFbK5trIPHxHxI8qKsFqrDGoTe27Bnh5VNU9eU%2F4b6o1anxzcrUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6Ikd6VUkrWnZpZmZEZXgvT1QxNWdCQ2c9PSIsInZhbHVlIjoiY2NVZjV4NGtYOEtkcUpudHhEZmdhZ0JlcE9mUldEOUN0Vjcrb24za3V3UTA1RlZ3WVdvWkJjVFc5clVEdENCV3lrd3ZrYUJnaldIVER3UGpxcTArNmk3alhXVjArbEhiWXFGcmVKRVZ3SnM1UlZOYnNneHNhNGpKNG96SjNWZngiLCJtYWMiOiI0YzRiMTU5ZGRlMDI5NTU2M2U2YWZiNjgwMmZmMjZkNjgyMmVhYzBjNTMzOTQ0NDc1NWNiZTY1NjA2NjliZjQwIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:17:56 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: laravel_session=eyJpdiI6ImdLbk9EbHFNbzBLRnlLYkUvUXJtVmc9PSIsInZhbHVlIjoiRDJhcXBJck1KdExZNjhiQkF5K3RYK1g3WjNWS1A5TjRhSVpLT3JnbTkyQmJhRWJmK1RkUERjNzA5ZVNHZzRqcEJDNVJZcC9vNC9ETk94OVV1SFM0c3YwVWtPTFo0WEZObVc3eFBPckZQS25vRnNIM0V6TkV6dUJoL0QxVW03NzMiLCJtYWMiOiIxZGQ1Nzk3ZmFmOGRiMWVjYjU1ZjhlZTk0MDEzMjY3NzNiYmMxMGZkNDczNjY4ZmU0YzNmOTVjMDM0YmFkZDg5IiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:17:56 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8b742d07589a7713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/favicon.ico

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /favicon.ico HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/DJuy2C6F/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6Ikd6VUkrWnZpZmZEZXgvT1QxNWdCQ2c9PSIsInZhbHVlIjoiY2NVZjV4NGtYOEtkcUpudHhEZmdhZ0JlcE9mUldEOUN0Vjcrb24za3V3UTA1RlZ3WVdvWkJjVFc5clVEdENCV3lrd3ZrYUJnaldIVER3UGpxcTArNmk3alhXVjArbEhiWXFGcmVKRVZ3SnM1UlZOYnNneHNhNGpKNG96SjNWZngiLCJtYWMiOiI0YzRiMTU5ZGRlMDI5NTU2M2U2YWZiNjgwMmZmMjZkNjgyMmVhYzBjNTMzOTQ0NDc1NWNiZTY1NjA2NjliZjQwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImdLbk9EbHFNbzBLRnlLYkUvUXJtVmc9PSIsInZhbHVlIjoiRDJhcXBJck1KdExZNjhiQkF5K3RYK1g3WjNWS1A5TjRhSVpLT3JnbTkyQmJhRWJmK1RkUERjNzA5ZVNHZzRqcEJDNVJZcC9vNC9ETk94OVV1SFM0c3YwVWtPTFo0WEZObVc3eFBPckZQS25vRnNIM0V6TkV6dUJoL0QxVW03NzMiLCJtYWMiOiIxZGQ1Nzk3ZmFmOGRiMWVjYjU1ZjhlZTk0MDEzMjY3NzNiYmMxMGZkNDczNjY4ZmU0YzNmOTVjMDM0YmFkZDg5IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 404

date: Thu, 22 Aug 2024 16:17:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
age: 9512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 8b742d0adc4e7713-LHR
content-encoding: br
POST

https://fsbtv.contempi.su/clx7eS8pK1GVOJPP4dHNuarOoPa6pbD2Ghpd

msedge.exe

Remote address:

104.21.55.27:443

Request

POST /clx7eS8pK1GVOJPP4dHNuarOoPa6pbD2Ghpd HTTP/2.0
host: fsbtv.contempi.su
content-length: 1206
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: multipart/form-data; boundary=----WebKitFormBoundaryyTqvX9kNWj8cwdM6
accept: */*
origin: https://fsbtv.contempi.su
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://fsbtv.contempi.su/DJuy2C6F/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6Ikd6VUkrWnZpZmZEZXgvT1QxNWdCQ2c9PSIsInZhbHVlIjoiY2NVZjV4NGtYOEtkcUpudHhEZmdhZ0JlcE9mUldEOUN0Vjcrb24za3V3UTA1RlZ3WVdvWkJjVFc5clVEdENCV3lrd3ZrYUJnaldIVER3UGpxcTArNmk3alhXVjArbEhiWXFGcmVKRVZ3SnM1UlZOYnNneHNhNGpKNG96SjNWZngiLCJtYWMiOiI0YzRiMTU5ZGRlMDI5NTU2M2U2YWZiNjgwMmZmMjZkNjgyMmVhYzBjNTMzOTQ0NDc1NWNiZTY1NjA2NjliZjQwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImdLbk9EbHFNbzBLRnlLYkUvUXJtVmc9PSIsInZhbHVlIjoiRDJhcXBJck1KdExZNjhiQkF5K3RYK1g3WjNWS1A5TjRhSVpLT3JnbTkyQmJhRWJmK1RkUERjNzA5ZVNHZzRqcEJDNVJZcC9vNC9ETk94OVV1SFM0c3YwVWtPTFo0WEZObVc3eFBPckZQS25vRnNIM0V6TkV6dUJoL0QxVW03NzMiLCJtYWMiOiIxZGQ1Nzk3ZmFmOGRiMWVjYjU1ZjhlZTk0MDEzMjY3NzNiYmMxMGZkNDczNjY4ZmU0YzNmOTVjMDM0YmFkZDg5IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:06 GMT
content-type: application/json
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tg2Tyz6rwOtsGoZFPZtbkqhvvZubnbILUZl8JWCtQLYa2FHbUgV9HYFGYmnUNXNCgMmnf4PusXqFgveZgwqBh%2F1eADub62MXWy%2Bp2a4D3Rdb0Urv8VznCrjzxq49iA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6InBhbzNIaW01bmFMU2J0VDNERkIzSGc9PSIsInZhbHVlIjoieXNhQVNFcllhamYzNDQ3Rml0ZDJXc1VhYXE3UWsvVXZ2UURTaGtHRTBnTSsvTnhpOEl2Uk9aUUo2OFM1ZVlQZXphc284TG5UbXcrNlNuZ1NOeUJSQ09sRUlYa2N2R0Y2MFpxNGdWNHIxSUJvYUF6R0JZNHh1L3lqdEZmWWFiVS8iLCJtYWMiOiIwNDZjNDY4Nzc0MTJjZDQ5OGYxMzk1MWMwNjQwMTkyMGNmODUyMTAwZWM5YTgzYjdiOGY4NTM0ZjdmZjY4NzdjIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:05 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: laravel_session=eyJpdiI6InpSSDV3NzRLNnUrTGRESFB0Ny9BT0E9PSIsInZhbHVlIjoiL1BreTAxWUtXT05Zcy8zdlJmQkMwU3hmREc4U24wU2Jjc2tIM1ZMS2p3cjZCbDhKN2FmR0Fjc3hHa3lNeENXOVB3S1doVlIvTFh0aWRIWFBNeVVKd2kzVldMay81YmsyV25Mcm16MnFoV3ZFWmlQREtHMFR6UlFReUw2QU4wNVciLCJtYWMiOiIzNmM0ZTliMDVlN2I5NWZmNGE4MGIwMjdmNjQwNTdiN2YwNWY1NzY0YWFmM2Y2YzI0NGU4YjkyNDIzNWRjMzUzIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:05 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8b742d402e7b7713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/DJuy2C6F/

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /DJuy2C6F/ HTTP/2.0
host: fsbtv.contempi.su
cache-control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://fsbtv.contempi.su/DJuy2C6F/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6InBhbzNIaW01bmFMU2J0VDNERkIzSGc9PSIsInZhbHVlIjoieXNhQVNFcllhamYzNDQ3Rml0ZDJXc1VhYXE3UWsvVXZ2UURTaGtHRTBnTSsvTnhpOEl2Uk9aUUo2OFM1ZVlQZXphc284TG5UbXcrNlNuZ1NOeUJSQ09sRUlYa2N2R0Y2MFpxNGdWNHIxSUJvYUF6R0JZNHh1L3lqdEZmWWFiVS8iLCJtYWMiOiIwNDZjNDY4Nzc0MTJjZDQ5OGYxMzk1MWMwNjQwMTkyMGNmODUyMTAwZWM5YTgzYjdiOGY4NTM0ZjdmZjY4NzdjIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6InpSSDV3NzRLNnUrTGRESFB0Ny9BT0E9PSIsInZhbHVlIjoiL1BreTAxWUtXT05Zcy8zdlJmQkMwU3hmREc4U24wU2Jjc2tIM1ZMS2p3cjZCbDhKN2FmR0Fjc3hHa3lNeENXOVB3S1doVlIvTFh0aWRIWFBNeVVKd2kzVldMay81YmsyV25Mcm16MnFoV3ZFWmlQREtHMFR6UlFReUw2QU4wNVciLCJtYWMiOiIzNmM0ZTliMDVlN2I5NWZmNGE4MGIwMjdmNjQwNTdiN2YwNWY1NzY0YWFmM2Y2YzI0NGU4YjkyNDIzNWRjMzUzIiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:06 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ezwr8Dn%2BdhpeTCG9m3lCGYVBTsXyXQdJ2sFm5Pi%2B1N8OvGALdz%2FMB%2BZDj%2BjS%2B%2F5bhZs8uB7dU9i6hARaTUsCQvJfTs2F86%2FkuDDjBUPuWLIo9RVEyQOvJD9WyoDm7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6ImJpRjlGUktoNnNVNWRXd3JTTFhvSVE9PSIsInZhbHVlIjoiY3haZXkzam83ZnUzMGRhbnUzVWpCbGZGeEkyYUhqSnBSQnRqc2VxbWNMT1JOREZ6aERaQlVuVW1KejhpQm1BRnRSTmJPUFk2MjNDV1QwRDdwRWk3RllrdnNOU0tGZnJWbXdxSGpRTDVFOXk1eWl0UHJXV3plRG5BSHd0aGJrVGMiLCJtYWMiOiJjZjYyZWNhNTk3ZDNlY2Q1ZmJhNWFiMGRhNDFjZTQ4NTFjMzJmOGQ3MDY5NTI5N2QxMDc2MzQ2YjZlM2Y1ZDM0IiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:06 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: laravel_session=eyJpdiI6ImpuYkh2azduSktWSmxoS2hLTU01R1E9PSIsInZhbHVlIjoia1JYTldyaEM0M0ZpeEpWSForL1lpc3dZSmVNVGVhdFRkcGRzUDZpanFmRW5tZFlQcndZbE9nbDlOYStoOWY0NWI2MzkzVzFYekNEdXR6TkhPZGlUK3B0cFRmVFJRdDhZQ09yeitpT0g4UzZvQ0pKQlowcHlGMHpSWWY2UWtZczIiLCJtYWMiOiIzMDUwNmJkYzFiYTJiMWIwY2JmODljOWExODY0NGVjNjI1MDk0ZGFhM2Y1YjdmMWY3OGRlOGMzMDdkMjczODgwIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:06 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8b742d443ab97713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/DJuy2C6F/?aDcfo@acfn.com

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /DJuy2C6F/?aDcfo@acfn.com HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://fsbtv.contempi.su/DJuy2C6F/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImJpRjlGUktoNnNVNWRXd3JTTFhvSVE9PSIsInZhbHVlIjoiY3haZXkzam83ZnUzMGRhbnUzVWpCbGZGeEkyYUhqSnBSQnRqc2VxbWNMT1JOREZ6aERaQlVuVW1KejhpQm1BRnRSTmJPUFk2MjNDV1QwRDdwRWk3RllrdnNOU0tGZnJWbXdxSGpRTDVFOXk1eWl0UHJXV3plRG5BSHd0aGJrVGMiLCJtYWMiOiJjZjYyZWNhNTk3ZDNlY2Q1ZmJhNWFiMGRhNDFjZTQ4NTFjMzJmOGQ3MDY5NTI5N2QxMDc2MzQ2YjZlM2Y1ZDM0IiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImpuYkh2azduSktWSmxoS2hLTU01R1E9PSIsInZhbHVlIjoia1JYTldyaEM0M0ZpeEpWSForL1lpc3dZSmVNVGVhdFRkcGRzUDZpanFmRW5tZFlQcndZbE9nbDlOYStoOWY0NWI2MzkzVzFYekNEdXR6TkhPZGlUK3B0cFRmVFJRdDhZQ09yeitpT0g4UzZvQ0pKQlowcHlGMHpSWWY2UWtZczIiLCJtYWMiOiIzMDUwNmJkYzFiYTJiMWIwY2JmODljOWExODY0NGVjNjI1MDk0ZGFhM2Y1YjdmMWY3OGRlOGMzMDdkMjczODgwIiwidGFnIjoiIn0%3D

Response

HTTP/2.0 302

date: Thu, 22 Aug 2024 16:18:06 GMT
content-type: text/html; charset=UTF-8
location: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0om4opKjBamplTIs%2FoykTayA1KfOlX%2BMOMudHeqyVrzVllMyy3Ktd7SbTetyxMZRJvrGb8db32eWvBnvtKBnADiVXvp%2BukiTx5XkKShmwFTWaz1qYlpUH4Z6qqcIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6ImljQitpWmY0YmVUSEN0SXRPNENRN2c9PSIsInZhbHVlIjoiWXIzSm05eEZCM3JxR2RLcjVGUWZOUkJ4Q2YxcHhvRXFNZGZoQjg0MitaOG9iMUF2aUpwZEtTVkU3Nm1mVUFmZXIrWEgyUVJGcW4zalNNUUlFSWJZNXlTNXpqU0pYRmFCaVJOMDNQTEZwMzVVbGF6ZXhvSFVSN3AveXlqTWNTc2EiLCJtYWMiOiI5NDU0MTZiYmVkNDE1MzI2ZTczZGIwZDMxMzhiMjIyZGEzODU0ZDZmODM5MzA2ZjBiOTZkZjZlZDdkNzg0NDU2IiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:06 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: laravel_session=eyJpdiI6IjM2UytSN3lQUnhiU0tSeEgyZFFvN3c9PSIsInZhbHVlIjoiTzBUaENKNy82SzRRMHRrcnNNaHpHMWpoZVd2cEFDbmx0QjFSR2dOeEV1TnRtUks4RXhtMEQwNE12TmwwQkZkSFhNeml4MStYSlMraUowYzlLeXRzdldFSTB3NzMxWWxlYnZIaERUSlRSQWxrWktlSFAzU1hHNkpVbVgyTS9LL3ciLCJtYWMiOiJhMjAxYmJkNzBkN2MzYmNlYTIxM2I4MDhlYmY5YTNkMDA2NzQwNDdiYmY4OWZhNWEzMGQ4MGVkNDNjZGI0Mzk3IiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:06 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8b742d46bdb47713-LHR
GET

https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306 HTTP/2.0
host: fsbtv.contempi.su
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://fsbtv.contempi.su/DJuy2C6F/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImljQitpWmY0YmVUSEN0SXRPNENRN2c9PSIsInZhbHVlIjoiWXIzSm05eEZCM3JxR2RLcjVGUWZOUkJ4Q2YxcHhvRXFNZGZoQjg0MitaOG9iMUF2aUpwZEtTVkU3Nm1mVUFmZXIrWEgyUVJGcW4zalNNUUlFSWJZNXlTNXpqU0pYRmFCaVJOMDNQTEZwMzVVbGF6ZXhvSFVSN3AveXlqTWNTc2EiLCJtYWMiOiI5NDU0MTZiYmVkNDE1MzI2ZTczZGIwZDMxMzhiMjIyZGEzODU0ZDZmODM5MzA2ZjBiOTZkZjZlZDdkNzg0NDU2IiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6IjM2UytSN3lQUnhiU0tSeEgyZFFvN3c9PSIsInZhbHVlIjoiTzBUaENKNy82SzRRMHRrcnNNaHpHMWpoZVd2cEFDbmx0QjFSR2dOeEV1TnRtUks4RXhtMEQwNE12TmwwQkZkSFhNeml4MStYSlMraUowYzlLeXRzdldFSTB3NzMxWWxlYnZIaERUSlRSQWxrWktlSFAzU1hHNkpVbVgyTS9LL3ciLCJtYWMiOiJhMjAxYmJkNzBkN2MzYmNlYTIxM2I4MDhlYmY5YTNkMDA2NzQwNDdiYmY4OWZhNWEzMGQ4MGVkNDNjZGI0Mzk3IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fnQXltK4L3uVt0220iyuazXmUYChHRzocF%2BIq7NHu5lP1rM7JFLx%2FxZNU6lo7tgWDkOUrctiGz6F7TUfCMEwNsP1qVgsH2FGs0mx9m9JgoZn3Y5INFFm3OE9I7nn6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:07 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:07 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8b742d48f86b7713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/347Ds3PA9icRkcdwoa8911

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /347Ds3PA9icRkcdwoa8911 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:07 GMT
content-type: font/woff
content-length: 35970
content-disposition: inline; filename="12sWJ0YWJx56O4bop50"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYijy%2Fgm8bcFGsvtIC3dEfrRSbBCAOO28UJ3JNKfG4pBnpMx%2FSWtA86VslyCZB7aBbZwQQcWzkq2rTMuHDe5SG32MbTS2z%2BCjAVMdVb754%2BKrjlErICN2WyHpFHLFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dade47713-LHR
GET

https://fsbtv.contempi.su/aba9mxy6FXoaIWrsjIgh24

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /aba9mxy6FXoaIWrsjIgh24 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:07 GMT
content-type: text/css;charset=UTF-8
content-disposition: inline; filename="347Ds3PA9icRkcdwoa8911"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9KdfnhhWmH0VpDaN%2B7opDQCLdlf7C1yxABBpyOaY4s6JQEbqoTIQTLKPyZyEEu9yekKX2214DO03bKtti3o850w1gP4IxeZD1GuyUzoI0i%2BGzh1zHm6ncbEViIZblQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dade07713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/pq8Tk403hu340SJUuv40

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /pq8Tk403hu340SJUuv40 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://fsbtv.contempi.su
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:07 GMT
content-type: font/woff2
content-length: 28000
content-disposition: inline; filename="pq8Tk403hu340SJUuv40"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xj%2FMXbT9iBaZXF4ELUTTWRddqH1Tv7dW5fEE1Btob6uHkKVAu5E9MNc0uW0Qa7jKgNbpPiobZJlDPey86F689xY44koCZJtGq6OBiDr1cIBR0THONjFu%2FfUehHqf6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dade37713-LHR
GET

https://fsbtv.contempi.su/12sWJ0YWJx56O4bop50

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /12sWJ0YWJx56O4bop50 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://fsbtv.contempi.su
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:08 GMT
content-type: font/woff2
content-length: 93276
content-disposition: inline; filename="efD9TamDa6gtksfI99EJH56hElxD8OKlomn100"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=npIJFUQvXbCSpWEHilQ7A7lg9MSb%2BEeV8uzU0yboFLmm0M8F6riKhPZGw8niXkD6u%2FoYjE39wctrhlWqwWkOYXyXoZ55CvM3jIesZEU7g9xapAu%2BV0eWxICt2H0dew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dadee7713-LHR
GET

https://fsbtv.contempi.su/78KFrt2VUEr9LXtR674jo9Tx2st60

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /78KFrt2VUEr9LXtR674jo9Tx2st60 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://fsbtv.contempi.su
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:08 GMT
content-type: font/woff
content-length: 36696
content-disposition: inline; filename="45tVyWIy7e3hydbabw37Q63iMcvw70"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9mUw%2FkhJwXoKJD0wfdV540%2FkrrDfvnissb8Dk0nG0DiX7pWApHD6cIOczyjLu3s%2FnBgJtRVU2fZOkS70i7muB18Y3D99zLXgOKoMF3%2FnqkvI1aFaBV8HxsXgIDnWVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dade87713-LHR
GET

https://fsbtv.contempi.su/45tVyWIy7e3hydbabw37Q63iMcvw70

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /45tVyWIy7e3hydbabw37Q63iMcvw70 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://fsbtv.contempi.su
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:08 GMT
content-type: text/css;charset=UTF-8
content-disposition: inline; filename="aba9mxy6FXoaIWrsjIgh24"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UGyLDRsU%2FJzY2RhIj2EmKvmGO2ZN06Mfk%2FBsugg5WjEuxhjiB21vAw6ikEhDYWBotXHPj78WtRGHV5B8ZYqfaa4t%2BlzCYBFKKXMWRim9CZ8kS4Xc5vR6lcwqCmnU8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dade17713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/89tTX3SP4cn3680cAeftRt8ykDab74

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /89tTX3SP4cn3680cAeftRt8ykDab74 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://fsbtv.contempi.su
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:08 GMT
content-type: font/woff2
content-length: 28584
content-disposition: inline; filename="78KFrt2VUEr9LXtR674jo9Tx2st60"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CSMnAkDO0jfQ8tDu0vX%2BdFvy29Qndps%2Ba6dT1EDKBzkLQq%2BqpT6cyrEQHAVAHG758YaHnFs7nHfJ65q%2BD8qshxzD5BfVCZ4x6YwhR68Dovm9b4aLB%2FCrx%2Bqv%2BJnbBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dade67713-LHR
GET

https://fsbtv.contempi.su/efD9TamDa6gtksfI99EJH56hElxD8OKlomn100

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /efD9TamDa6gtksfI99EJH56hElxD8OKlomn100 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://fsbtv.contempi.su
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:08 GMT
content-type: font/woff2
content-length: 43596
content-disposition: inline; filename="89tTX3SP4cn3680cAeftRt8ykDab74"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNfiq%2BablbPwQ5dFd7GNVnmCJb1e9y5DysnSlUbBbsFIQYAXrBQid96t4ROdDBbILYIkhDcBH5QNBEsMoO2OX2vBS8cn7iCavhVhByZp0PK0d3aL32TxFs57r3oRHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d4dadea7713-LHR
GET

https://fsbtv.contempi.su/56PN3L2NgPL4a4ZrsmkMVNaJooikliRQAneVPx967102

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /56PN3L2NgPL4a4ZrsmkMVNaJooikliRQAneVPx967102 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 49602
content-disposition: inline; filename="ghfBeIxfIREmlzumBUTim94ORzMRfklkprxVo3vcY5A6aZE3qZ9TYylef206"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJ1EoZNuF0p9llJbttdSRxL6TwMOizl8VIW3CNFwTtB2uSn5TVfPjr%2BDuEASCtjuGS%2BFM8jGY4%2FGwoXaDDlJcbAb1upGniFRV3iGc6NF1uDe4pLKK3I103WFBpyxkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779e47713-LHR
GET

https://fsbtv.contempi.su/dePwgKGp7peUBhHXJ0CNxJoeaTHy5NP7dCJdjTA6tYnqIzneOpQvgp9K4mnJ86U45zjIgDDcgBKv7mkyuRRVrcrOBx9Np6pl0F5KaNqbnN6A01Kcd665

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /dePwgKGp7peUBhHXJ0CNxJoeaTHy5NP7dCJdjTA6tYnqIzneOpQvgp9K4mnJ86U45zjIgDDcgBKv7mkyuRRVrcrOBx9Np6pl0F5KaNqbnN6A01Kcd665 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 70712
content-disposition: inline; filename="uvFRaRwxOneUXrxB9Un9JY0ZONghzKX0HQgDEZOd6zMT156I7j845zpjWp1N5oxg6haF7J0G7ajRkef253"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBJCi1PPNekDy1zf%2Fn078LQO8c1GUBpeEFywQcImR9t6xw06ZnphnHz2zm5rkTN2%2FaHiwgFyRrUsoBhUwP3S9C8r9PwhqePgFJT30COHZ9Z7%2FIL%2B%2Bbv0GgiTPK6CNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779ea7713-LHR
GET

https://fsbtv.contempi.su/uvI3CtR5Surtlf5F2aITuEwkoDNQR8qrZIDZi4bne1k5p12130

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /uvI3CtR5Surtlf5F2aITuEwkoDNQR8qrZIDZi4bne1k5p12130 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 231
content-disposition: inline; filename="uvI3CtR5Surtlf5F2aITuEwkoDNQR8qrZIDZi4bne1k5p12130"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUj%2F2Wm3mgtX7v804iHBcEi8ydRvuQKP1Qs1WgFRjY%2FBLGrUi09qSPHHW63QGOrWVQniaLQ4YYdK2wKbDrXYpe4wP0UHqlL4VE6N8nAjzycUizaIxfhXhMtzNFUTow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779d37713-LHR
GET

https://fsbtv.contempi.su/qrS0DrTAZlMuHjtV8nsViOXfUTghzfNjqenOnVt45140

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /qrS0DrTAZlMuHjtV8nsViOXfUTghzfNjqenOnVt45140 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 29796
content-disposition: inline; filename="opMnwd6tKZDr6ncBghLlSqMi33KGJUZgcuJNTgnQV5DAbbJuvmQOXA9jjn4qWJLDsBmo4vQef240"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7os054PPVTt83ypUOFVzfZMz4TUE9MYlB9b9dd18AsOuKlb9SyAnFuwrJiwuO7m%2BAiHkbDPdEJhEyzH1gugV9sZ1wlZ%2Bhvx%2Ff7DoSHMt1G2iPY8Z6Smh011a7UTUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779e67713-LHR
GET

https://fsbtv.contempi.su/mnCgaNsRq14MxM7d8MolklYZqHoOUBBMdorNj90143

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /mnCgaNsRq14MxM7d8MolklYZqHoOUBBMdorNj90143 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/svg+xml
content-disposition: inline; filename="wxlSizymGI7YgQwAs1795pAZpiqLWVi1Obnz9CNQrsQQ5AJo1qY6hhUZO33sab180"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FC2tnj4FQLLjSlrBCZMoVvds541faNBli5Q7iyFhmo4JgBM6KiA3FMeCCitX9ggcV5OKf5sJbXXKFI6gh5xib3pFy5eu560AnsYdYFDPVL4SQLSIUx6uwQjn5dP%2F9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779e07713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/ijLAJrwMnIeqkX68PJocgoxqwpFcdsgc44mzTAzKh68Na56170

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /ijLAJrwMnIeqkX68PJocgoxqwpFcdsgc44mzTAzKh68Na56170 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/svg+xml
content-disposition: inline; filename="rs1knMQFQ5EK5V19h75YbG9FOkHSoqbSijpaew61Qgo0mQOSs9T8p5S9XSLIyz20ef193"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5y%2FIrp0N%2BMKQfHFv9tCUUmEJELLRbC8u2IHBV1sn5coVjP5kl5ssuQ26QyCj%2FGavYNeJtx%2BCpmKn72isgzmUkgJgMFAAn%2BM8RBP%2FweleyI66Dj89FuEM5XB6kzFoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779e27713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/wxlSizymGI7YgQwAs1795pAZpiqLWVi1Obnz9CNQrsQQ5AJo1qY6hhUZO33sab180

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /wxlSizymGI7YgQwAs1795pAZpiqLWVi1Obnz9CNQrsQQ5AJo1qY6hhUZO33sab180 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: application/javascript
content-disposition: inline; filename="56PN3L2NgPL4a4ZrsmkMVNaJooikliRQAneVPx967102"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfRoa31R0Lrv7orcHeIbkhh9z%2B0D%2BSjCmGv%2FgJBQpkZAsVzTtNMqaN6UraPRHHFhcI5RJEp4BA0H%2F5ngRZQfhQE6WmKGzDzfHUYpfTbzb%2BmyloIM4d5vhsMVoQFCZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779cc7713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/rs1knMQFQ5EK5V19h75YbG9FOkHSoqbSijpaew61Qgo0mQOSs9T8p5S9XSLIyz20ef193

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /rs1knMQFQ5EK5V19h75YbG9FOkHSoqbSijpaew61Qgo0mQOSs9T8p5S9XSLIyz20ef193 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 5139
content-disposition: inline; filename="dePwgKGp7peUBhHXJ0CNxJoeaTHy5NP7dCJdjTA6tYnqIzneOpQvgp9K4mnJ86U45zjIgDDcgBKv7mkyuRRVrcrOBx9Np6pl0F5KaNqbnN6A01Kcd665"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pv478p8Ek65jPDRlxxcKhR8oPFuePMziM%2BYKdcAjzZDJezdKnF79EOXMqdi348Fs693NM9Li6ufoBY4LSfDzGwXz%2BkLMXo5qbGssxuvGF%2F1UAKQ%2FVgpnQM5JB49W1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779d17713-LHR
GET

https://fsbtv.contempi.su/ghfBeIxfIREmlzumBUTim94ORzMRfklkprxVo3vcY5A6aZE3qZ9TYylef206

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /ghfBeIxfIREmlzumBUTim94ORzMRfklkprxVo3vcY5A6aZE3qZ9TYylef206 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/svg+xml
content-disposition: inline; filename="ijLAJrwMnIeqkX68PJocgoxqwpFcdsgc44mzTAzKh68Na56170"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qaFNGAksQg5feMWVw%2Bjg5k9hKdLjFksu5n9VrJt3K4fDTZxJ4dkAzb11%2FTMYAQ8ALFWmowGM0TzAQozwezwtf2S9sqDyx9Kc5byTDWQ5E9nzsln5cA3DuCtgdECrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779dd7713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/opMnwd6tKZDr6ncBghLlSqMi33KGJUZgcuJNTgnQV5DAbbJuvmQOXA9jjn4qWJLDsBmo4vQef240

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /opMnwd6tKZDr6ncBghLlSqMi33KGJUZgcuJNTgnQV5DAbbJuvmQOXA9jjn4qWJLDsBmo4vQef240 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 1208
content-disposition: inline; filename="klsmji7EPdlaLGYp9EUiPPktT0yvGhwP2g117Bx6qTxoEGmG0m2fMS9mm5IYr3eFGziT43QwdnKqLC8em9noQSbrPOMacjVUDTm0onka9TIP7YI6zIEpyjnogkS8r5LKgEaFJWoVuO27Upg10tvrDFNJayz655"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SuqpZLY1RNpVCXL5BtpOl0nYdmqtHq3gvDnQOq3kWl5fr2kSl%2BG0ZC4%2FtAQiVH09rHaoJPo8A3hOm1E%2Bcmj8kAye9qXfAvSEhiWlexftDGN9IptWFmkOAX5OiwcrbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d57aa1f7713-LHR
GET

https://fsbtv.contempi.su/uvFRaRwxOneUXrxB9Un9JY0ZONghzKX0HQgDEZOd6zMT156I7j845zpjWp1N5oxg6haF7J0G7ajRkef253

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /uvFRaRwxOneUXrxB9Un9JY0ZONghzKX0HQgDEZOd6zMT156I7j845zpjWp1N5oxg6haF7J0G7ajRkef253 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 1400
content-disposition: inline; filename="klMhVkVZewmNqTNFG3dMgQmE4DovDPlr3jW1hEcAbKYg3BqrEZ0ouVoCdGpwRDjDBPJ1ab230"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNOAIMORQBhFsESe1uohqnE%2FgzTwXy8aAffPuecqpOlbKV2xyMSjm4Tj1yfVm6bVySnVg9%2FIsc1aXf6hdO85cjHZcwZrNpiBjiH11spnv%2FjURjxr063PnbhWdnHb4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d57aa207713-LHR
GET

https://fsbtv.contempi.su/klsmji7EPdlaLGYp9EUiPPktT0yvGhwP2g117Bx6qTxoEGmG0m2fMS9mm5IYr3eFGziT43QwdnKqLC8em9noQSbrPOMacjVUDTm0onka9TIP7YI6zIEpyjnogkS8r5LKgEaFJWoVuO27Upg10tvrDFNJayz655

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /klsmji7EPdlaLGYp9EUiPPktT0yvGhwP2g117Bx6qTxoEGmG0m2fMS9mm5IYr3eFGziT43QwdnKqLC8em9noQSbrPOMacjVUDTm0onka9TIP7YI6zIEpyjnogkS8r5LKgEaFJWoVuO27Upg10tvrDFNJayz655 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/svg+xml
content-disposition: inline; filename="mnCgaNsRq14MxM7d8MolklYZqHoOUBBMdorNj90143"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjWW9jweqtClwuP4jgz7bKhjobjm0oyBnb6fYQjZgwhQEfFRXSWr3b1mmQUS%2F7yiXqTNS2JiVmeevX1WOYFy0Mn0F0OLKBIfrfaZ%2FltDzxzEPrmHNELbhRjv4Ftg8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779db7713-LHR
content-encoding: br
GET

https://fsbtv.contempi.su/klMhVkVZewmNqTNFG3dMgQmE4DovDPlr3jW1hEcAbKYg3BqrEZ0ouVoCdGpwRDjDBPJ1ab230

msedge.exe

Remote address:

104.21.55.27:443

Request

GET /klMhVkVZewmNqTNFG3dMgQmE4DovDPlr3jW1hEcAbKYg3BqrEZ0ouVoCdGpwRDjDBPJ1ab230 HTTP/2.0
host: fsbtv.contempi.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: image/png
content-length: 727
content-disposition: inline; filename="qrS0DrTAZlMuHjtV8nsViOXfUTghzfNjqenOnVt45140"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CHaB%2BnVstEkoPEtvsnim%2BWYVvbIHpFhJkgh8vPO%2B29vv61Il3pHb%2BXsoHHvimY5k%2Fn4z5oznvZAmwKtZYdK%2B8VLroJ22yP1QPb8mA2PMOc5troafpIL4AKf0Aq2mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
cf-ray: 8b742d5779d67713-LHR
POST

https://fsbtv.contempi.su/rvkPhMg4X6h5ngxu6yJ7YWMgocxYulAlFhPqxPgaErzn3dslBymz8wdEtb

msedge.exe

Remote address:

104.21.55.27:443

Request

POST /rvkPhMg4X6h5ngxu6yJ7YWMgocxYulAlFhPqxPgaErzn3dslBymz8wdEtb HTTP/2.0
host: fsbtv.contempi.su
content-length: 53
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: */*
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=UTF-8
origin: https://fsbtv.contempi.su
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6IndVd2labWdCMExCZkRmR296dnI3R1E9PSIsInZhbHVlIjoieHFBbFo5LzdHMnNKL0JSRWU0ejloMzlCVlgzWWRHZGU1TFhxQnNPT2k4NjlvQWZvekt4aWxWSDRhNnhiMUZGemxGTWdzdkxCaFJBekJCSFl5TTBWQ1JxUnY3ZTk1UnE0ZTF6dWlpTGdSR0wyUTg1d0w1MldJcEt4S1RrTm5vSHYiLCJtYWMiOiI1ZTE3MzE1ZGIyOTQ5NjY1MzBkMGM4NGFlNGIwMjg1Nzk1ZDk5YWU5ZjhlOGRmYWQ5NDEyMmMzNTlhYzE5MGUwIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6ImlPd2lIOFVWU29qa0pVdkl1Y1FOU3c9PSIsInZhbHVlIjoiVHVWb3BIQTNNQmZ4S0p0M0l4ak56OHZjMDlndXkzSkYydy9vMk5oTEdRRHdCaVJUdTlQR0d1b2lSSDIyVjU3TTBZZUJYVHNjU011RS9hL3BybXNhSW5JUFdnSWM0dlFVTXVudEZ5Njl1VkZ3bXRBTW9JMVNNL21nc29kdEtyV2UiLCJtYWMiOiIxNTYyMzFjMGYxMmM2MTFiZjgzYmU2NDVkMjNmMDM2NTE1NDhhNjNiZjA5MDNmNjIzMWY5ODcxNDRmZmY5YmY2IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:09 GMT
content-type: application/json
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXrUhAGDzKqAofniQbYB3YC9z3QxN5T5fh735u8j5jU96XWM3YSqhlhqjM3sOZuAtTDeu4EtfU4gR8BDfdz3%2FNzRxBx1%2FDnmnMWdpWuAiLGj9YHrRKN7XJY4sCD4Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6Ik5jV3MvZXJrUkFWaEpXbWg0bmxQN2c9PSIsInZhbHVlIjoiNU9vSFlqczlHeDExNGRPeVJHS3BhUGtFQnN3S202VGUwVUg1TkkxUkJvSDA3K0FUNTNaZzIvS0FZUTg1NWIyaDJRTitHVjl2TU8xUVhQeDdSbE4zaVo0aVdXeG0ycGo5SFFyZGZLUlExQko0Tk1VVUR0cVRPcmlPaXBTRjZ2U1QiLCJtYWMiOiIzYzcxMjkyYjI1NDMyZjFjM2Q3OGFiMDQwMjUyZjE0ZTA1NTI3NmE0YWZkZWFhOThjMThmMTU5ZTJmMmM3ZTIxIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:09 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: laravel_session=eyJpdiI6InQ2YzRLeVJDTWJmc2ZyRDNneW9ocEE9PSIsInZhbHVlIjoiYWJ6ZW5MbXNGSTBtYnpUWVFQOXZ6cnVIWGRNMXBRcUFnRWR1N242NjhSd1R3MWxrdzlKNlEyaWJBNWhOVStyc3Nrc0luMnNuTmI4TThkRnBkVVlibjZHenBZZzQ4Y25sMC9XY2NINFc3NUkvY1pBd1dqbnFyYmhoSDBlRmZPc2EiLCJtYWMiOiI5NjhhNTNkYTViNjQ5MTM3ZGRhYzlkNGMyZjkwZWE3ZjdjZWFkMTJiYzZlODJmMjlmYTVmOTFhYmY5YmUwM2QzIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:09 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8b742d58fb817713-LHR
content-encoding: br
POST

https://fsbtv.contempi.su/rvkPhMg4X6h5ngxu6yJ7YWMgocxYulAlFhPqxPgaErzn3dslBymz8wdEtb

msedge.exe

Remote address:

104.21.55.27:443

Request

POST /rvkPhMg4X6h5ngxu6yJ7YWMgocxYulAlFhPqxPgaErzn3dslBymz8wdEtb HTTP/2.0
host: fsbtv.contempi.su
content-length: 261
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: */*
dnt: 1
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=UTF-8
origin: https://fsbtv.contempi.su
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6Ik5jV3MvZXJrUkFWaEpXbWg0bmxQN2c9PSIsInZhbHVlIjoiNU9vSFlqczlHeDExNGRPeVJHS3BhUGtFQnN3S202VGUwVUg1TkkxUkJvSDA3K0FUNTNaZzIvS0FZUTg1NWIyaDJRTitHVjl2TU8xUVhQeDdSbE4zaVo0aVdXeG0ycGo5SFFyZGZLUlExQko0Tk1VVUR0cVRPcmlPaXBTRjZ2U1QiLCJtYWMiOiIzYzcxMjkyYjI1NDMyZjFjM2Q3OGFiMDQwMjUyZjE0ZTA1NTI3NmE0YWZkZWFhOThjMThmMTU5ZTJmMmM3ZTIxIiwidGFnIjoiIn0%3D
cookie: laravel_session=eyJpdiI6InQ2YzRLeVJDTWJmc2ZyRDNneW9ocEE9PSIsInZhbHVlIjoiYWJ6ZW5MbXNGSTBtYnpUWVFQOXZ6cnVIWGRNMXBRcUFnRWR1N242NjhSd1R3MWxrdzlKNlEyaWJBNWhOVStyc3Nrc0luMnNuTmI4TThkRnBkVVlibjZHenBZZzQ4Y25sMC9XY2NINFc3NUkvY1pBd1dqbnFyYmhoSDBlRmZPc2EiLCJtYWMiOiI5NjhhNTNkYTViNjQ5MTM3ZGRhYzlkNGMyZjkwZWE3ZjdjZWFkMTJiYzZlODJmMjlmYTVmOTFhYmY5YmUwM2QzIiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:13 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJQb4r33Ill1L8jYzfvT0ZK%2BUi94yTvbdI9Vrehe7z09kxTyOv3dvGTdrRiEcf3AO5YqUy0gY%2B6Ec1ck32M2cUt%2B09MMLqFKqq1t8UcBUriIJJgct6dqHt1EEhhZcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6Imk0cW9DUlJPK3FUTUFWNmN2U3Flc1E9PSIsInZhbHVlIjoiSDdlNG42SHNsUXF3Ym9XRldXL0UwdjA1ZUJWYlVuK2RIOHowd0NQcHdQdXdxVUNXbkQ3TGtGYmFxa2ZMeVh0Ym1TT3FVUTJ3UmcyY2tkdzhMNFRKMHFpM2l6VVJkSm1qTGR6RnFjTmRqeVU2RHUwZ0lrRW9pT0VENVBuOE5qblgiLCJtYWMiOiJmMjA5NGRhYzk5YmU1MDBmZjk0ODE3NDExNjhkMGRjNjg2ODQzODk3ZGM3MDIxZmI4MDNiNzk5ZWE2NTgwMjY0IiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:13 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: laravel_session=eyJpdiI6IkdTMGlzTjhuQm9BbXFFNThjd2FyWXc9PSIsInZhbHVlIjoiMXZqZWZYSmwyVUNIbTZlTzczeVFJbVRhem5nL1ArMm1kRlJidGVmc1laUDhsaERoTUpndk5ZVC96RStNbGlYSVZlUjlyYUlzQjM3Y2RkMmhLbk42VXpENURNdFM3WUtIL2cwTWVQOVBrZ2NWMjdsbUhTNVY0U3RLaWNmMmg0RnAiLCJtYWMiOiI4ZmJmNTBmZDZjMGU1MjE0MmI3YmFhMTA2M2QyMzJiMjJjZGVjZTEyMzk2YWFkNDg0MTJlNDg4OWFiYzE1ZmYxIiwidGFnIjoiIn0%3D; expires=Thu, 22-Aug-2024 18:18:13 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8b742d6ea9a07713-LHR
content-encoding: br
DNS

cjby.maktated.ru

msedge.exe

Remote address:

8.8.8.8:53

Request

cjby.maktated.ru

IN A

Response

cjby.maktated.ru

IN A

104.21.23.73

cjby.maktated.ru

IN A

172.67.209.199
DNS

a.nel.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
GET

https://cjby.maktated.ru/uxoenhflfzktgnqmmpgprfesJpMvjJBSOVXZDUZGCSUUETHSPTJQPNPMILVYDYEBUUVUHTUIEUSFKLE

msedge.exe

Remote address:

104.21.23.73:443

Request

GET /uxoenhflfzktgnqmmpgprfesJpMvjJBSOVXZDUZGCSUUETHSPTJQPNPMILVYDYEBUUVUHTUIEUSFKLE HTTP/2.0
host: cjby.maktated.ru
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://fsbtv.contempi.su
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Crjoc4TRGaWWnWfELlYJlJixwEd2Qin1zOm7Bcr1gDgGBo%2BM%2F8hPkg6jbofJZFMFjTulksks1sTMEqCST7D5bMZJg%2F4CjDmYEqO7gXbmpyyzrnefsES3SeRqs5WDA0cigje"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b742d0bf9dd9532-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D HTTP/2.0
host: a.nel.cloudflare.com
origin: https://fsbtv.contempi.su
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://a.nel.cloudflare.com/report/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D

msedge.exe

Remote address:

35.190.80.1:443

Request

POST /report/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D HTTP/2.0
host: a.nel.cloudflare.com
content-length: 445
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

27.55.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

27.55.21.104.in-addr.arpa

IN PTR

Response
DNS

code.jquery.com

msedge.exe

Remote address:

8.8.8.8:53

Request

code.jquery.com

IN A

Response

code.jquery.com

IN A

151.101.194.137

code.jquery.com

IN A

151.101.130.137

code.jquery.com

IN A

151.101.66.137

code.jquery.com

IN A

151.101.2.137
DNS

challenges.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

challenges.cloudflare.com

IN A

Response

challenges.cloudflare.com

IN A

104.18.95.41

challenges.cloudflare.com

IN A

104.18.94.41
DNS

cdnjs.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdnjs.cloudflare.com

IN A

Response

cdnjs.cloudflare.com

IN A

104.17.25.14

cdnjs.cloudflare.com

IN A

104.17.24.14
GET

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

msedge.exe

Remote address:

104.18.95.41:443

Request

GET /turnstile/v0/api.js?render=explicit HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 22 Aug 2024 16:17:57 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/6790c32b9fc9/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b742d10c82e52db-LHR
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

msedge.exe

Remote address:

104.18.95.41:443

Request

GET /turnstile/v0/b/6790c32b9fc9/api.js HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:57 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 15 Aug 2024 16:28:23 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8b742d11187a52db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/

msedge.exe

Remote address:

104.18.95.41:443

Request

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/ HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:58 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
cross-origin-resource-policy: cross-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
referrer-policy: same-origin
server: cloudflare
cf-ray: 8b742d11a8ec52db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D

msedge.exe

Remote address:

104.18.95.41:443

Request

GET /cdn-cgi/challenge-platform/h/b/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:58 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8b742d1299d852db-LHR
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8b742d11a8ec52db&lang=auto

msedge.exe

Remote address:

104.18.95.41:443

Request

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8b742d11a8ec52db&lang=auto HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:58 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8b742d1299de52db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b

msedge.exe

Remote address:

104.18.95.41:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b HTTP/2.0
host: challenges.cloudflare.com
content-length: 2596
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: d060b9c2466881b
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:58 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: we/CcvI6NGTS+XGgou8E7P0kixpV6HUppf/qE1wq5MDMnazOAyAM804HQqmM9LmNxbJi9PBQ+lUMQSoTo42fz6Y4KofSQavJ0IlqRxNOI/K42GUhNNB8EiPqljYx82z9Aesy1iuTqBHI4xLUj5PoqZiIiNEhmdNp2Ekr8q9lUH43SZWQGRR1sFsTQOqeWd7IPZHwU9muhOiEgr/LvHHnYle6ZsX/eAYg5vmVo/nnyrzvZUbrDMVWcnKgc5yeGAalFZyiaWSZFV2a2ruTzZJVFowj/+t/fZ0gDbO4MAHYp3Y85TvBmwgNbfoDsOetLfUAFn21SpsoIijfiwBBS4h1LwK+WHeX50nT0k3gWwdbW5It8gmUz+BdbVyOtStAWvaomvXLBHvkFVmw1o6eL9Ltb2WrmiTC98k8NTnfA9pxXUhLlNushsSuBEOj7ClOgft31utSDeuihD1qlavUWOiTwAKmwX0jiMKVDZYu$PwINZ1cayTS7PLFD
server: cloudflare
cf-ray: 8b742d13db1052db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8b742d11a8ec52db/1724343478398/c327dcba4f5183c28c73ab6382a037e5c5caf68dbe9f854758923938d72fa9f4/syon28gxAum6ICX

msedge.exe

Remote address:

104.18.95.41:443

Request

GET /cdn-cgi/challenge-platform/h/b/pat/8b742d11a8ec52db/1724343478398/c327dcba4f5183c28c73ab6382a037e5c5caf68dbe9f854758923938d72fa9f4/syon28gxAum6ICX HTTP/2.0
host: challenges.cloudflare.com
cache-control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

date: Thu, 22 Aug 2024 16:17:59 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gwyfcuk9Rg8KMc6tjgqA35cXK9o2-n4VHWJI5ONcvqfQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtwmEumGLYZgwDTVv6yjvMvJNk3XjMOmRNanBNnL5DSSCz7sJE-uBwsxAYckU5Q7fbNx-Oq55fRGHXYT869NdtY817ACqcflST8vKmr7S5v-3zWtJWDyztK7McqDKscL6WguqcioWIAxYxw045Wuom2Or_Kjx16LyQQdaXdKBSR9ifPA17ELXvwH8UB4D6GjTyy1jQ0rOhDcyT1tstTNhq1QpQXCod7RCWcxF1VqCurVNs08_90gowZZoHSfOgO742FUkKQbwCstMckdatL0f_JP-XcBYTfUiW98aM991M3bpLFrUUAd53E3AQzan6j07sGUITTi37UR2BG4pNeOCuwIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIMMn3LpPUYPCjHOrY4KgN-XFyvaNvp-FR1iSOTjXL6n0ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAu2FlB5ktDoeROxA-CL3BCDo3MeeTuCmxb24sUOtLSedclIaHLU1EAC4D5nGqr-aczjp9M9qFQYJBi6e07hOPSMkAX__GsSGSwArapiA8zNHer8YXwzMZmO0fvD-C6G93rpdMQCFAFQNOl0LwZWgntZa3JqfFO7HQWCO6qmOSju2VD4xvdLtNsn248ypVfQG_EyYKqi0MdbWu-eGJvAAYS-LrZKn2uSrKCltLs8hk2TTJ5btxvC7zFmcn0c7zCEZMham2aMVPUo5rI08ZQhGBYzKjc1VS7PIbmPz0nsaal3-Saa-3afBQyM-8Bwq1FuIGA9MG2lS1ZZ5iDL8LZB9SmwIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMMn3LpPUYPCjHOrY4KgN-XFyvaNvp-FR1iSOTjXL6n0ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAj3aKE3IQZKxrwhP2RNsMWYqLXI8QXFhRupd9uNWzU8gu_JF_dI6YsaHdYHHn80foDV62bwNGz5IYcRfev1qam5Z0OC_DbCZjjJ8mWSQDNsnDtdZqHM82YF6j8Vl6UW7_03LWsPENx7ugdyqyJKLR0DI0bbP23ly1VI-JJf6jCBmbrLIsLDEWqrEE7aNIVakpmpp9B17hOUH-kgEed2jw-KTqhyvwnQJTkFUJ8rNyJ9J1ryyoqeKce9Ybl7LLaanLNZJf3yHtbguBuZJuljPOArUjuZ8psUEcVhm1hsseZ2BzlgECW7X80svcm9_sMZxFM6R0-gU1wXyrd9kMUUnXhwIDAQAB", max-age=20
server: cloudflare
cf-ray: 8b742d17fe9f52db-LHR
alt-svc: h3=":443"; ma=86400
GET

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8b742d11a8ec52db/1724343478413/BOuc0MIziggQ3rk

msedge.exe

Remote address:

104.18.95.41:443

Request

GET /cdn-cgi/challenge-platform/h/b/i/8b742d11a8ec52db/1724343478413/BOuc0MIziggQ3rk HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:00 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8b742d1e0bd552db-LHR
alt-svc: h3=":443"; ma=86400
POST

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b

msedge.exe

Remote address:

104.18.95.41:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b HTTP/2.0
host: challenges.cloudflare.com
content-length: 29954
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: d060b9c2466881b
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:00 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Rpi+gVkUANlOb1I3T//aw7lsIP5GHOZTv2DKK4RHzy/hDgbZO7ov2W3ofdUCMLrbXnZ4vMPhp5lx41zY$5YSsbSSawWKBKYPu
server: cloudflare
cf-ray: 8b742d1f1cb952db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
POST

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b

msedge.exe

Remote address:

104.18.95.41:443

Request

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b HTTP/2.0
host: challenges.cloudflare.com
content-length: 32296
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: d060b9c2466881b
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:05 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: 1ASBy8TKRgfz1l3w93UauMdRgRfBlMbRqj86cOAmNEH5HKOofdbTYbt2KszQSN5tFSpyWV/H//jbmHqa90gnVl6e7qaKMignsKnZmZygv+q5VfSY0tGEfxb8gY7QOULvfhuDobE2yIwYHddQMj7aCIdPN7U455c1OQPUybYDdmZjEvW4uNWgVfOy+XN8EAr/EF9QR4wvBe9yswe7/9as$fO1a62iu4FJyX4Oh
cf-chl-out-s: fB3igfzexwafWvdCD7Iu+4S/vo69mWRxKKTOahyciJ2UAhaK7LxEQ6zygUMbVZbY+ExSs74kbrL35PwWwA0jMaf88BVuhXLq4doHW9CYT3++7nVhCkYPrbvNqHfXiKlT7AuYu0VWgL+bbyLHzTbyjnX4dpfbTqx61ISN/4/3ywqWj1C0Emec+uoSjrw+rki01FbfJVOOcoBVypl+KGxH7TYi1um4mSqz78X2f99lalN22h/BcI2jKi7f1jHLnE4dZZOiuFjZI3/BL/TGfhniX9XbZuYXbZ+H0fF//iOvQpCLX54MNoRjuKDUeA6/S1Vc9UWZhIvb3X12bGB9aUuTVj0dxzSmsLhYIh93YWhIH0A48nLvwU8pTf/6iMQGoMCocOi2IOa1Bch+e9DHQLoV58EX9SMKGhiu9mCIepxJCZMRvpiASSH+JlsLkpCiyUqpfbfrPYtAn/ZYowg/P+G90J/2d31UckROsUFIOUPbm3ftRe3hROkyRRuJHu3yRvW01GtCZ5lQ2HGRvsDzWEMtoLIThPHi5ASHSep+hnt8P0mgxyk66DXQoeG5iuvy49/MeExwtOUxRLSr3sEpVR44nCVybxiUeM+kV5aCYlXem7CTOJqM2F1g8emUH/C1qDFBzYrHm1cPj9coBmjL/Kj/Hj1WMOhtlAy9DTvGEKeZydYhcnhQLgHaq/QR+sMmlUts+nfFpUHlKV5/7gHUxjMLeh+CoUZCDMEFhQClgHfhHiBEk9lzhhbvpOHFO0XperqnZr5yKlP/5yh7R/e9L6XXIojqXPI608OBrbw2dd4L8MMYGNMK1pL2DOKgM3v3iNc55oFLbyi/dMdlo42OQTsDPeWGoNhntokAfBhm7Vr7FVGPf9G5xLVvTFevV5ffb3B1X4oPO9jfE5AWLkOAwn89oB8SsKg+630u5j04fS61pTPQrvDYkFHD2B6FelpGqPFeI+Z0ChjKha8+Fe3/pmHmsN1oZ3kEJq0K44VxrYLMi3IYvlV+UdeGNh62O75jjwFZcDJpySEBqi1v5VkTycx2fJcV3acZhfc55+ZK7F2cV6bEghh/LmG0jkvfB4B9C429gtOf7d2SGuI+Ho5f08raCuLvSBwm6xzQ+Wog5dJ3Tt6pU3QZjjm7OKCWV4Xdc3OFYBOGru34tPLz/E6Yfmp+fk/3urQJ/gGYXsrS1fdBE1N2t7tQJjeRYZs3TOab+j5JZjXYj7XBwdysZI9JFyRlKiiY5peiMhgKAk65eK7+mTe4Z4sulsX970/Mk8QWdI0CkrqnA1reRsSP6ZTJhdklcHcwQNXOu2qYFKzR9VgP$OrnK2jh2NStVZPBT
server: cloudflare
cf-ray: 8b742d3f7f9e52db-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://code.jquery.com/jquery-3.6.0.min.js

msedge.exe

Remote address:

151.101.194.137:443

Request

GET /jquery-3.6.0.min.js HTTP/2.0
host: code.jquery.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 22 Aug 2024 16:17:57 GMT
age: 2361223
x-served-by: cache-lga21931-LGA, cache-lon420131-LON
x-cache: HIT, HIT
x-cache-hits: 68, 99253
x-timer: S1724343478.698843,VS0,VE0
vary: Accept-Encoding
content-length: 30875
GET

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

msedge.exe

Remote address:

104.17.25.14:443

Request

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/2.0
host: cdnjs.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:17:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 778827
expires: Tue, 12 Aug 2025 16:17:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcgXD3eEBVHq%2BboeB9z1xxkZu%2Brzb7%2FHNjiXB8gFiT0CL2xXOFDl%2Frq3w%2FoX7HYZE%2BInuqvP1J9h3jPxXrggOxeF2ZfO9b93U77pBnd1JXGOsVuPaQTFdYIB%2BGKkFAkLybR%2BkOco"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8b742d0f9e7c3d9a-LHR
alt-svc: h3=":443"; ma=86400
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

173.222.211.58

a1952.dscq.akamai.net

IN A

173.222.211.8
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

173.222.211.58:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 22 Aug 2024 17:17:57 GMT
Date: Thu, 22 Aug 2024 16:17:57 GMT
Connection: keep-alive
DNS

73.23.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.23.21.104.in-addr.arpa

IN PTR

Response
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

41.95.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.95.18.104.in-addr.arpa

IN PTR

Response
DNS

137.194.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.194.101.151.in-addr.arpa

IN PTR

Response
DNS

14.25.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.25.17.104.in-addr.arpa

IN PTR

Response
DNS

58.211.222.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.211.222.173.in-addr.arpa

IN PTR

Response

58.211.222.173.in-addr.arpa

IN PTR

a173-222-211-58deploystaticakamaitechnologiescom
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

cdn.socket.io

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.socket.io

IN A

Response

cdn.socket.io

IN CNAME

d2vgu95hoyrpkh.cloudfront.net

d2vgu95hoyrpkh.cloudfront.net

IN A

18.245.187.80

d2vgu95hoyrpkh.cloudfront.net

IN A

18.245.187.34

d2vgu95hoyrpkh.cloudfront.net

IN A

18.245.187.127

d2vgu95hoyrpkh.cloudfront.net

IN A

18.245.187.88
DNS

github.com

msedge.exe

Remote address:

8.8.8.8:53

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.179.68
GET

https://www.google.com/recaptcha/api.js

msedge.exe

Remote address:

142.250.179.68:443

Request

GET /recaptcha/api.js HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.socket.io/4.6.0/socket.io.min.js

msedge.exe

Remote address:

18.245.187.80:443

Request

GET /4.6.0/socket.io.min.js HTTP/2.0
host: cdn.socket.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="socket.io.min.js"
content-encoding: gzip
date: Thu, 15 Aug 2024 09:38:06 GMT
etag: W/"80f5b8c6a9eeac15de93e5a112036a06"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: lhr1::j8s2r-1723714686892-7f8aa69e4933
x-cache: Hit from cloudfront
via: 1.1 8a92b2b0171484a741fd7fa869ed518c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR5-P3
x-amz-cf-id: RV688Ix8dWkPWz63KqsfgAMd_kaY1sMWvN6ISteXqSoyElZLFuZjpw==
age: 1942632
GET

https://github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js

msedge.exe

Remote address:

20.26.156.215:443

Request

GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: GitHub.com
date: Thu, 22 Aug 2024 16:18:08 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240822%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240822T161808Z&X-Amz-Expires=300&X-Amz-Signature=1f2e79a923ecc0dbd3e30b370e596c1c95894fd5e4f09ce802c92787aed937b3&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions proxy.enterprise.githubcopilot.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
content-length: 0
x-github-request-id: EC05:0A36:116439:12CAB5:66C764BF
DNS

80.187.245.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.187.245.18.in-addr.arpa

IN PTR

Response

80.187.245.18.in-addr.arpa

IN PTR

server-18-245-187-80lhr5r cloudfrontnet
DNS

68.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.179.250.142.in-addr.arpa

IN PTR

Response

68.179.250.142.in-addr.arpa

IN PTR

par21s19-in-f41e100net
DNS

215.156.26.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

objects.githubusercontent.com

msedge.exe

Remote address:

8.8.8.8:53

Request

objects.githubusercontent.com

IN A

Response

objects.githubusercontent.com

IN A

185.199.111.133

objects.githubusercontent.com

IN A

185.199.108.133

objects.githubusercontent.com

IN A

185.199.110.133

objects.githubusercontent.com

IN A

185.199.109.133
GET

https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240822%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240822T161808Z&X-Amz-Expires=300&X-Amz-Signature=1f2e79a923ecc0dbd3e30b370e596c1c95894fd5e4f09ce802c92787aed937b3&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream

msedge.exe

Remote address:

185.199.111.133:443

Request

GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240822%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240822T161808Z&X-Amz-Expires=300&X-Amz-Signature=1f2e79a923ecc0dbd3e30b370e596c1c95894fd5e4f09ce802c92787aed937b3&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/2.0
host: objects.githubusercontent.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/octet-stream
last-modified: Tue, 07 Dec 2021 16:38:45 GMT
etag: "0x8D9B9A009499A1E"
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c04d24d1-701e-006d-40c9-dd551e000000
x-ms-version: 2020-10-02
x-ms-creation-time: Tue, 17 Aug 2021 14:57:31 GMT
x-ms-blob-content-md5: bCCivoupALwKcRiJOisQcg==
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
content-disposition: attachment; filename=randexp.min.js
x-ms-server-encrypted: true
via: 1.1 varnish, 1.1 varnish
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 22 Aug 2024 16:18:09 GMT
age: 2667
x-served-by: cache-iad-kiad7000071-IAD, cache-lon420126-LON
x-cache: HIT, HIT
x-cache-hits: 6634, 1
x-timer: S1724343489.817183,VS0,VE1
content-length: 10245
DNS

ok4static.oktacdn.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ok4static.oktacdn.com

IN A

Response

ok4static.oktacdn.com

IN CNAME

d19d360lklgih4.cloudfront.net

d19d360lklgih4.cloudfront.net

IN A

108.156.39.22

d19d360lklgih4.cloudfront.net

IN A

108.156.39.118

d19d360lklgih4.cloudfront.net

IN A

108.156.39.24

d19d360lklgih4.cloudfront.net

IN A

108.156.39.60
GET

https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css

msedge.exe

Remote address:

108.156.39.22:443

Request

GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/2.0
host: ok4static.oktacdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
date: Sat, 17 Aug 2024 06:13:20 GMT
server: nginx
last-modified: Tue, 14 May 2024 21:48:24 GMT
etag: W/"0329c939fca7c78756b94fbcd95e322b"
x-amz-meta-sha1sum: 7b5499b46660a0348cc2b22cae927dcc3fda8b20
expires: Sun, 17 Aug 2025 06:13:20 GMT
cache-control: max-age=31536000
cache-control: public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 0B-bJEbEMUAib-OXI_1e2GVN4GfEZG7EXpXjBG4xSL5cI-A5miZVVw==
age: 468289
GET

https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css

msedge.exe

Remote address:

108.156.39.22:443

Request

GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/2.0
host: ok4static.oktacdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
server: nginx
last-modified: Thu, 14 Mar 2024 00:03:58 GMT
x-amz-meta-sha1sum: 4301f0d2b729ae22adece657d79eccaa25f429b1
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
content-encoding: gzip
date: Wed, 14 Aug 2024 18:49:29 GMT
expires: Thu, 14 Aug 2025 18:49:29 GMT
cache-control: max-age=31536000
cache-control: public,max-age=31536000,s-maxage=1814400
etag: W/"e0d37a504604ef874bad26435d62011f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: SXgfLGkSc2S8JM23lWj2uvdVqp3dMx37zEmkXiPr_RDAyEsjDPW-EA==
age: 682120
GET

https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7

msedge.exe

Remote address:

108.156.39.22:443

Request

GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/2.0
host: ok4static.oktacdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 10796
date: Fri, 09 Aug 2024 01:45:10 GMT
server: nginx
last-modified: Tue, 23 Feb 2021 04:20:08 GMT
etag: "12bdacc832185d0367ecc23fd24c86ce"
expires: Sat, 09 Aug 2025 01:45:10 GMT
cache-control: max-age=31536000
cache-control: public,max-age=31536000,s-maxage=1814400
strict-transport-security: max-age=315360000; includeSubDomains
access-control-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: x1wsrH3yWFwnVWhkpOu-rr6whXvZ3c8pvofNmAINuB1hN3ceqQEcCw==
age: 1175579
DNS

133.111.199.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.111.199.185.in-addr.arpa

IN PTR

Response

133.111.199.185.in-addr.arpa

IN PTR

cdn-185-199-111-133githubcom
DNS

6.39.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.39.156.108.in-addr.arpa

IN PTR

Response

6.39.156.108.in-addr.arpa

IN PTR

server-108-156-39-6lhr50r cloudfrontnet
DNS

22.39.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.39.156.108.in-addr.arpa

IN PTR

Response

22.39.156.108.in-addr.arpa

IN PTR

server-108-156-39-22lhr50r cloudfrontnet
DNS

163.214.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.214.58.216.in-addr.arpa

IN PTR

Response

163.214.58.216.in-addr.arpa

IN PTR

par10s42-in-f31e100net

163.214.58.216.in-addr.arpa

IN PTR

mad01s26-in-f3�H

163.214.58.216.in-addr.arpa

IN PTR

mad01s26-in-f163�H
DNS

get.geojs.io

msedge.exe

Remote address:

8.8.8.8:53

Request

get.geojs.io

IN A

Response

get.geojs.io

IN A

172.67.70.233

get.geojs.io

IN A

104.26.0.100

get.geojs.io

IN A

104.26.1.100
GET

https://get.geojs.io/v1/ip/geo.json

msedge.exe

Remote address:

172.67.70.233:443

Request

GET /v1/ip/geo.json HTTP/2.0
host: get.geojs.io
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json, text/javascript, */*; q=0.01
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
origin: https://fsbtv.contempi.su
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:11 GMT
content-type: application/json
x-request-id: e52254280eba8d886436a4d143c4b73b-ASH
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
geojs-backend: ash-01
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2KFpMkcuPzHm8wD1XPJxCrgkLmb65nHWUYgRS941tBX1%2BjNI2HT%2FAVArgtsprCA0zZj%2BuqivQbSJqlkawdeFjZ76xZdN5yIWZb4blYN9e8O0e4TrUeRltdpqCXrDFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8b742d667bd94083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

j8cl0.vanishment.ru

msedge.exe

Remote address:

8.8.8.8:53

Request

j8cl0.vanishment.ru

IN A

Response

j8cl0.vanishment.ru

IN A

104.21.29.197

j8cl0.vanishment.ru

IN A

172.67.149.187
POST

https://j8cl0.vanishment.ru/pgqSpevKkLpKCSqbZAOCKWrxkJMiQPJESEICOAAVEBYBTGESXZOPLrsIippUnKwJcQxk2yyzXNwx40

msedge.exe

Remote address:

104.21.29.197:443

Request

POST /pgqSpevKkLpKCSqbZAOCKWrxkJMiQPJESEICOAAVEBYBTGESXZOPLrsIippUnKwJcQxk2yyzXNwx40 HTTP/2.0
host: j8cl0.vanishment.ru
content-length: 105
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: */*
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/x-www-form-urlencoded; charset=UTF-8
origin: https://fsbtv.contempi.su
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 22 Aug 2024 16:18:12 GMT
content-type: text/plain; charset=utf-8
vary: Origin
access-control-allow-origin: https://fsbtv.contempi.su
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2BlklCS%2FTQLfz1pfP7C5HB%2Fi705BeDVC2YByA94GytT5zZdRZtxlkKmcsbrcx8Ka3yzrcUUMN%2BYRr%2BXVhttz%2FQRSRdpJjxQszEp8vQgQv5MPSMtzSRhtO8zctgAyYZK1Ws1yg%2FG6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8b742d686d7e4197-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

197.29.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.29.21.104.in-addr.arpa

IN PTR

Response
DNS

233.70.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.70.67.172.in-addr.arpa

IN PTR

Response
DNS

aadcdn.msauthimages.net

msedge.exe

Remote address:

8.8.8.8:53

Request

aadcdn.msauthimages.net

IN A

Response

aadcdn.msauthimages.net

IN CNAME

aadcdn.azureedge.net

aadcdn.azureedge.net

IN CNAME

aadcdn.ec.azureedge.net

aadcdn.ec.azureedge.net

IN CNAME

scdn3514c.wpc.9e730.upsiloncdn.net

scdn3514c.wpc.9e730.upsiloncdn.net

IN CNAME

sni1gl.wpc.upsiloncdn.net

sni1gl.wpc.upsiloncdn.net

IN A

152.199.21.175
GET

https://aadcdn.msauthimages.net/dbd5a2dd-ky1fsvtwwf9l1f4d-1aclepm6iuer1ikbu8qz04t2iw/logintenantbranding/0/illustration?ts=637901416725467375

msedge.exe

Remote address:

152.199.21.175:443

Request

GET /dbd5a2dd-ky1fsvtwwf9l1f4d-1aclepm6iuer1ikbu8qz04t2iw/logintenantbranding/0/illustration?ts=637901416725467375 HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
content-md5: yNPZq2aIqAi1VoCk0QS/ww==
content-type: image/*
date: Thu, 22 Aug 2024 16:18:13 GMT
etag: 0x8DA47F57230F992
last-modified: Mon, 06 Jun 2022 19:47:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4efc094a-101e-0010-1aae-f4868a000000
x-ms-version: 2009-09-19
content-length: 5047
GET

https://aadcdn.msauthimages.net/dbd5a2dd-ky1fsvtwwf9l1f4d-1aclepm6iuer1ikbu8qz04t2iw/logintenantbranding/0/bannerlogo?ts=637901416731811961

msedge.exe

Remote address:

152.199.21.175:443

Request

GET /dbd5a2dd-ky1fsvtwwf9l1f4d-1aclepm6iuer1ikbu8qz04t2iw/logintenantbranding/0/bannerlogo?ts=637901416731811961 HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://fsbtv.contempi.su/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
content-md5: aCaYU4NCceM8rY/erFTc0Q==
content-type: image/*
date: Thu, 22 Aug 2024 16:18:13 GMT
etag: 0x8DA47F571CF3942
last-modified: Mon, 06 Jun 2022 19:47:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 436f21fd-d01e-0030-5dae-f4fd2d000000
x-ms-version: 2009-09-19
content-length: 50466
DNS

175.21.199.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

175.21.199.152.in-addr.arpa

IN PTR

Response
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

44.56.20.217.in-addr.arpa

Remote address:

8.8.8.8:53

Request

44.56.20.217.in-addr.arpa

IN PTR

Response

167.212.17.236:443

https://doportal.documentmailbox.com/RedirectTarget.aspx?Action=EmailRedirect&BrandingID=ConEdison&IdToken=4D0C767D-6C2F-11EB-812C-1C98EC1A1CCA&CheckSum=09205b8aVN92kl1vdHb01e516f6&TargetUrl=https://dynamictech.co.ke/g63b/Acfn/98676/

tls, http

msedge.exe

2.0kB
4.5kB
10
10

HTTP Request

GET https://doportal.documentmailbox.com/RedirectTarget.aspx?Action=EmailRedirect&BrandingID=ConEdison&IdToken=4D0C767D-6C2F-11EB-812C-1C98EC1A1CCA&CheckSum=09205b8aVN92kl1vdHb01e516f6&TargetUrl=https://dynamictech.co.ke/g63b/Acfn/98676/

HTTP Response

302
150.171.28.10:443

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid=

tls, http2

2.0kB
9.3kB
21
19

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=c3b02a944f674db48cf482142a847316&localId=w:BB8B17D4-59B3-6ACA-B6DD-FE09489D2C70&deviceId=6896205358085503&anid=

HTTP Response

204
192.185.171.234:443

https://dynamictech.co.ke/favicon.ico

tls, http2

msedge.exe

2.4kB
7.3kB
19
22

HTTP Request

GET https://dynamictech.co.ke/g63b/Acfn/98676/

HTTP Response

200

HTTP Request

GET https://dynamictech.co.ke/0/index.xml

HTTP Response

200

HTTP Request

GET https://dynamictech.co.ke/0/index.xslt

HTTP Response

200

HTTP Request

GET https://dynamictech.co.ke/favicon.ico
192.185.171.234:443

dynamictech.co.ke

tls, http2

msedge.exe

913 B
4.1kB
7
8
104.21.55.27:443

https://fsbtv.contempi.su/rvkPhMg4X6h5ngxu6yJ7YWMgocxYulAlFhPqxPgaErzn3dslBymz8wdEtb

tls, http2

msedge.exe

25.0kB
566.9kB
326
558

HTTP Request

GET https://fsbtv.contempi.su/DJuy2C6F/

HTTP Response

200

HTTP Request

GET https://fsbtv.contempi.su/favicon.ico

HTTP Response

404

HTTP Request

POST https://fsbtv.contempi.su/clx7eS8pK1GVOJPP4dHNuarOoPa6pbD2Ghpd

HTTP Response

200

HTTP Request

GET https://fsbtv.contempi.su/DJuy2C6F/

HTTP Response

200

HTTP Request

GET https://fsbtv.contempi.su/DJuy2C6F/?aDcfo@acfn.com

HTTP Response

302

HTTP Request

GET https://fsbtv.contempi.su/mxqxpuzhtczeukcyueislqrdnmuhnapo6689250660031690988124331668524956xtgppvwolh3wj5wikxeld333g2ptsc7rxn?xsbkvhcxfzjlmocpcyvpnrjsretgegby2717374538688782003044210682881066d9gowf9tbf3cb8k8ouw2tmqcoyce1tu306

HTTP Response

200

HTTP Request

GET https://fsbtv.contempi.su/347Ds3PA9icRkcdwoa8911

HTTP Request

GET https://fsbtv.contempi.su/aba9mxy6FXoaIWrsjIgh24

HTTP Request

GET https://fsbtv.contempi.su/pq8Tk403hu340SJUuv40

HTTP Request

GET https://fsbtv.contempi.su/12sWJ0YWJx56O4bop50

HTTP Request

GET https://fsbtv.contempi.su/78KFrt2VUEr9LXtR674jo9Tx2st60

HTTP Request

GET https://fsbtv.contempi.su/45tVyWIy7e3hydbabw37Q63iMcvw70

HTTP Request

GET https://fsbtv.contempi.su/89tTX3SP4cn3680cAeftRt8ykDab74

HTTP Request

GET https://fsbtv.contempi.su/efD9TamDa6gtksfI99EJH56hElxD8OKlomn100

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://fsbtv.contempi.su/56PN3L2NgPL4a4ZrsmkMVNaJooikliRQAneVPx967102

HTTP Request

GET https://fsbtv.contempi.su/dePwgKGp7peUBhHXJ0CNxJoeaTHy5NP7dCJdjTA6tYnqIzneOpQvgp9K4mnJ86U45zjIgDDcgBKv7mkyuRRVrcrOBx9Np6pl0F5KaNqbnN6A01Kcd665

HTTP Request

GET https://fsbtv.contempi.su/uvI3CtR5Surtlf5F2aITuEwkoDNQR8qrZIDZi4bne1k5p12130

HTTP Request

GET https://fsbtv.contempi.su/qrS0DrTAZlMuHjtV8nsViOXfUTghzfNjqenOnVt45140

HTTP Request

GET https://fsbtv.contempi.su/mnCgaNsRq14MxM7d8MolklYZqHoOUBBMdorNj90143

HTTP Request

GET https://fsbtv.contempi.su/ijLAJrwMnIeqkX68PJocgoxqwpFcdsgc44mzTAzKh68Na56170

HTTP Request

GET https://fsbtv.contempi.su/wxlSizymGI7YgQwAs1795pAZpiqLWVi1Obnz9CNQrsQQ5AJo1qY6hhUZO33sab180

HTTP Request

GET https://fsbtv.contempi.su/rs1knMQFQ5EK5V19h75YbG9FOkHSoqbSijpaew61Qgo0mQOSs9T8p5S9XSLIyz20ef193

HTTP Request

GET https://fsbtv.contempi.su/ghfBeIxfIREmlzumBUTim94ORzMRfklkprxVo3vcY5A6aZE3qZ9TYylef206

HTTP Request

GET https://fsbtv.contempi.su/opMnwd6tKZDr6ncBghLlSqMi33KGJUZgcuJNTgnQV5DAbbJuvmQOXA9jjn4qWJLDsBmo4vQef240

HTTP Request

GET https://fsbtv.contempi.su/uvFRaRwxOneUXrxB9Un9JY0ZONghzKX0HQgDEZOd6zMT156I7j845zpjWp1N5oxg6haF7J0G7ajRkef253

HTTP Request

GET https://fsbtv.contempi.su/klsmji7EPdlaLGYp9EUiPPktT0yvGhwP2g117Bx6qTxoEGmG0m2fMS9mm5IYr3eFGziT43QwdnKqLC8em9noQSbrPOMacjVUDTm0onka9TIP7YI6zIEpyjnogkS8r5LKgEaFJWoVuO27Upg10tvrDFNJayz655

HTTP Request

GET https://fsbtv.contempi.su/klMhVkVZewmNqTNFG3dMgQmE4DovDPlr3jW1hEcAbKYg3BqrEZ0ouVoCdGpwRDjDBPJ1ab230

HTTP Request

POST https://fsbtv.contempi.su/rvkPhMg4X6h5ngxu6yJ7YWMgocxYulAlFhPqxPgaErzn3dslBymz8wdEtb

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://fsbtv.contempi.su/rvkPhMg4X6h5ngxu6yJ7YWMgocxYulAlFhPqxPgaErzn3dslBymz8wdEtb

HTTP Response

200
104.21.55.27:443

fsbtv.contempi.su

tls

msedge.exe

897 B
2.5kB
7
5
104.21.23.73:443

https://cjby.maktated.ru/uxoenhflfzktgnqmmpgprfesJpMvjJBSOVXZDUZGCSUUETHSPTJQPNPMILVYDYEBUUVUHTUIEUSFKLE

tls, http2

msedge.exe

1.6kB
3.7kB
10
10

HTTP Request

GET https://cjby.maktated.ru/uxoenhflfzktgnqmmpgprfesJpMvjJBSOVXZDUZGCSUUETHSPTJQPNPMILVYDYEBUUVUHTUIEUSFKLE

HTTP Response

200
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D

tls, http2

msedge.exe

2.6kB
4.7kB
15
17

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D

HTTP Request

POST https://a.nel.cloudflare.com/report/v4?s=2YLl5pe67gTyPl23EGYXYaPHhcpfQ9BzoyEVCE5QRNcdfRB%2FOmrdAuQIHP%2FAgAIrAsfQZcJnTOPh9b50ZYI%2Bcszn%2BFfABRzXdTOTX7zo7opFQC8Fk3331ytUvKa%2Bdg%3D%3D
104.18.95.41:443

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b

tls, http2

msedge.exe

75.5kB
233.7kB
177
242

HTTP Request

GET https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

HTTP Response

302

HTTP Request

GET https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

HTTP Response

200

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/cvbog/0x4AAAAAAAfEHa2Vg0cZiqSU/auto/fbE/normal/auto/

HTTP Response

200

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8b742d11a8ec52db&lang=auto

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b

HTTP Response

200

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8b742d11a8ec52db/1724343478398/c327dcba4f5183c28c73ab6382a037e5c5caf68dbe9f854758923938d72fa9f4/syon28gxAum6ICX

HTTP Response

401

HTTP Request

GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8b742d11a8ec52db/1724343478413/BOuc0MIziggQ3rk

HTTP Response

200

HTTP Request

POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b

HTTP Response

200

HTTP Request

POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/152058687:1724340571:J8xnZp8CmZNrVkrnRGf3Yo2LBeb7N7t8HBNYqU6HDIA/8b742d11a8ec52db/d060b9c2466881b

HTTP Response

200
151.101.194.137:443

https://code.jquery.com/jquery-3.6.0.min.js

tls, http2

msedge.exe

2.6kB
37.2kB
32
34

HTTP Request

GET https://code.jquery.com/jquery-3.6.0.min.js

HTTP Response

200
104.17.25.14:443

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

tls, http2

msedge.exe

2.0kB
18.7kB
19
21

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

HTTP Response

200
173.222.211.58:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

324 B
1.6kB
4
4

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
142.250.179.68:443

https://www.google.com/recaptcha/api.js

tls, http2

msedge.exe

1.8kB
7.4kB
14
14

HTTP Request

GET https://www.google.com/recaptcha/api.js
18.245.187.80:443

https://cdn.socket.io/4.6.0/socket.io.min.js

tls, http2

msedge.exe

2.1kB
21.4kB
21
23

HTTP Request

GET https://cdn.socket.io/4.6.0/socket.io.min.js

HTTP Response

200
20.26.156.215:443

https://github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js

tls, http2

msedge.exe

1.8kB
8.4kB
13
12

HTTP Request

GET https://github.com/fent/randexp.js/releases/download/v0.4.3/randexp.min.js

HTTP Response

302
185.199.111.133:443

objects.githubusercontent.com

tls

msedge.exe

848 B
625 B
5
4
185.199.111.133:443

https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240822%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240822T161808Z&X-Amz-Expires=300&X-Amz-Signature=1f2e79a923ecc0dbd3e30b370e596c1c95894fd5e4f09ce802c92787aed937b3&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream

tls, http2

msedge.exe

2.1kB
16.2kB
14
20

HTTP Request

GET https://objects.githubusercontent.com/github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240822%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240822T161808Z&X-Amz-Expires=300&X-Amz-Signature=1f2e79a923ecc0dbd3e30b370e596c1c95894fd5e4f09ce802c92787aed937b3&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream

HTTP Response

200
108.156.39.22:443

https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7

tls, http2

msedge.exe

3.7kB
59.1kB
51
49

HTTP Request

GET https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css

HTTP Request

GET https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css

HTTP Request

GET https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7

HTTP Response

200

HTTP Response

200

HTTP Response

200
108.156.39.22:443

ok4static.oktacdn.com

tls

msedge.exe

885 B
4.3kB
8
6
108.156.39.22:443

ok4static.oktacdn.com

tls

msedge.exe

885 B
4.3kB
8
6
172.67.70.233:443

https://get.geojs.io/v1/ip/geo.json

tls, http2

msedge.exe

1.6kB
4.1kB
10
9

HTTP Request

GET https://get.geojs.io/v1/ip/geo.json

HTTP Response

200
104.21.29.197:443

https://j8cl0.vanishment.ru/pgqSpevKkLpKCSqbZAOCKWrxkJMiQPJESEICOAAVEBYBTGESXZOPLrsIippUnKwJcQxk2yyzXNwx40

tls, http2

msedge.exe

1.8kB
4.5kB
12
11

HTTP Request

POST https://j8cl0.vanishment.ru/pgqSpevKkLpKCSqbZAOCKWrxkJMiQPJESEICOAAVEBYBTGESXZOPLrsIippUnKwJcQxk2yyzXNwx40

HTTP Response

200
152.199.21.175:443

https://aadcdn.msauthimages.net/dbd5a2dd-ky1fsvtwwf9l1f4d-1aclepm6iuer1ikbu8qz04t2iw/logintenantbranding/0/bannerlogo?ts=637901416731811961

tls, http2

msedge.exe

3.5kB
65.5kB
36
58

HTTP Request

GET https://aadcdn.msauthimages.net/dbd5a2dd-ky1fsvtwwf9l1f4d-1aclepm6iuer1ikbu8qz04t2iw/logintenantbranding/0/illustration?ts=637901416725467375

HTTP Request

GET https://aadcdn.msauthimages.net/dbd5a2dd-ky1fsvtwwf9l1f4d-1aclepm6iuer1ikbu8qz04t2iw/logintenantbranding/0/bannerlogo?ts=637901416731811961

HTTP Response

200

HTTP Response

200
152.199.21.175:443

aadcdn.msauthimages.net

tls

msedge.exe

1.7kB
7.1kB
12
12

8.8.8.8:53

doportal.documentmailbox.com

dns

msedge.exe

74 B
90 B
1
1

DNS Request

doportal.documentmailbox.com

DNS Response

167.212.17.236
8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

dynamictech.co.ke

dns

msedge.exe

63 B
79 B
1
1

DNS Request

dynamictech.co.ke

DNS Response

192.185.171.234
8.8.8.8:53

23.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

23.159.190.20.in-addr.arpa
8.8.8.8:53

73.144.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

73.144.22.2.in-addr.arpa
8.8.8.8:53

236.17.212.167.in-addr.arpa

dns

73 B
153 B
1
1

DNS Request

236.17.212.167.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

g.bing.com

dns

56 B
148 B
1
1

DNS Request

g.bing.com

DNS Response

150.171.28.10

150.171.27.10
8.8.8.8:53

234.171.185.192.in-addr.arpa

dns

74 B
120 B
1
1

DNS Request

234.171.185.192.in-addr.arpa
8.8.8.8:53

fsbtv.contempi.su

dns

msedge.exe

63 B
95 B
1
1

DNS Request

fsbtv.contempi.su

DNS Response

104.21.55.27

172.67.144.37
8.8.8.8:53

cjby.maktated.ru

dns

msedge.exe

62 B
94 B
1
1

DNS Request

cjby.maktated.ru

DNS Response

104.21.23.73

172.67.209.199
8.8.8.8:53

a.nel.cloudflare.com

dns

msedge.exe

66 B
82 B
1
1

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1
8.8.8.8:53

27.55.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

27.55.21.104.in-addr.arpa
35.190.80.1:443

a.nel.cloudflare.com

https

msedge.exe

1.7kB
3.9kB
4
6
8.8.8.8:53

code.jquery.com

dns

msedge.exe

61 B
125 B
1
1

DNS Request

code.jquery.com

DNS Response

151.101.194.137

151.101.130.137

151.101.66.137

151.101.2.137
8.8.8.8:53

challenges.cloudflare.com

dns

msedge.exe

71 B
103 B
1
1

DNS Request

challenges.cloudflare.com

DNS Response

104.18.95.41

104.18.94.41
8.8.8.8:53

cdnjs.cloudflare.com

dns

msedge.exe

66 B
98 B
1
1

DNS Request

cdnjs.cloudflare.com

DNS Response

104.17.25.14

104.17.24.14
8.8.8.8:53

apps.identrust.com

dns

msedge.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

173.222.211.58

173.222.211.8
8.8.8.8:53

73.23.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

73.23.21.104.in-addr.arpa
8.8.8.8:53

1.80.190.35.in-addr.arpa

dns

70 B
120 B
1
1

DNS Request

1.80.190.35.in-addr.arpa
8.8.8.8:53

41.95.18.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

41.95.18.104.in-addr.arpa
8.8.8.8:53

137.194.101.151.in-addr.arpa

dns

74 B
134 B
1
1

DNS Request

137.194.101.151.in-addr.arpa
8.8.8.8:53

14.25.17.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

14.25.17.104.in-addr.arpa
8.8.8.8:53

58.211.222.173.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

58.211.222.173.in-addr.arpa
224.0.0.251:5353

580 B
9
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

cdn.socket.io

dns

msedge.exe

59 B
166 B
1
1

DNS Request

cdn.socket.io

DNS Response

18.245.187.80

18.245.187.34

18.245.187.127

18.245.187.88
8.8.8.8:53

github.com

dns

msedge.exe

56 B
72 B
1
1

DNS Request

github.com

DNS Response

20.26.156.215
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.179.68
8.8.8.8:53

80.187.245.18.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

80.187.245.18.in-addr.arpa
8.8.8.8:53

68.179.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

68.179.250.142.in-addr.arpa
8.8.8.8:53

215.156.26.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

215.156.26.20.in-addr.arpa
8.8.8.8:53

objects.githubusercontent.com

dns

msedge.exe

75 B
139 B
1
1

DNS Request

objects.githubusercontent.com

DNS Response

185.199.111.133

185.199.108.133

185.199.110.133

185.199.109.133
8.8.8.8:53

ok4static.oktacdn.com

dns

msedge.exe

67 B
174 B
1
1

DNS Request

ok4static.oktacdn.com

DNS Response

108.156.39.22

108.156.39.118

108.156.39.24

108.156.39.60
8.8.8.8:53

133.111.199.185.in-addr.arpa

dns

74 B
118 B
1
1

DNS Request

133.111.199.185.in-addr.arpa
8.8.8.8:53

6.39.156.108.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

6.39.156.108.in-addr.arpa
8.8.8.8:53

22.39.156.108.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

22.39.156.108.in-addr.arpa
8.8.8.8:53

163.214.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

163.214.58.216.in-addr.arpa
8.8.8.8:53

get.geojs.io

dns

msedge.exe

58 B
106 B
1
1

DNS Request

get.geojs.io

DNS Response

172.67.70.233

104.26.0.100

104.26.1.100
8.8.8.8:53

j8cl0.vanishment.ru

dns

msedge.exe

65 B
97 B
1
1

DNS Request

j8cl0.vanishment.ru

DNS Response

104.21.29.197

172.67.149.187
8.8.8.8:53

197.29.21.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

197.29.21.104.in-addr.arpa
8.8.8.8:53

233.70.67.172.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

233.70.67.172.in-addr.arpa
8.8.8.8:53

aadcdn.msauthimages.net

dns

msedge.exe

69 B
210 B
1
1

DNS Request

aadcdn.msauthimages.net

DNS Response

152.199.21.175
8.8.8.8:53

175.21.199.152.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

175.21.199.152.in-addr.arpa
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

44.56.20.217.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

44.56.20.217.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
e4f80e7950cbd3bb11257d2000cb885e

SHA1
10ac643904d539042d8f7aa4a312b13ec2106035

SHA256
1184ee8d32d0edecddd93403fb888fad6b3e2a710d37335c3989cc529bc08124

SHA512
2b92c9807fdcd937e514d4e7e1cc7c2d3e3aa162099b7289ceac2feea72d1a4afbadf1c09b3075d470efadf9a9edd63e07ea7e7a98d22243e45b3d53473fa4f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2dc1a9f2f3f8c3cfe51bb29b078166c5

SHA1
eaf3c3dad3c8dc6f18dc3e055b415da78b704402

SHA256
dcb76fa365c2d9ee213b224a91cdd806d30b1e8652d72a22f2371124fa4479fa

SHA512
682061d9cc86a6e5d99d022da776fb554350fc95efbf29cd84c1db4e2b7161b76cd1de48335bcc3a25633079fb0bd412e4f4795ed6291c65e9bc28d95330bb25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
264B

MD5
791b331518e7cba5b4767d4549f53346

SHA1
6e2cf452560738dce5260c3777ee086ae8592e7b

SHA256
e1e201443d3b76033a0ee5185ceba4476f5dbd59384a8a703328e95961d71c48

SHA512
3e62ff8179b865851e4c164ae7c6ea365a942ef8ed78be389bd182c3720ef7f48357126762fa108f98646a00dc0b59bac6f124ae74fe06e05901e711b3f14ec1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a7e8295c039551151f467771b930d971

SHA1
a62698a6957a6b83c9f00882f59a0113aa83fa5b

SHA256
143987240bed0139099a13ebf5a6cf11f3971972ca869563a48769f4bd2c1899

SHA512
a0c80a1353ebdd6f956c682bd98c8a951c09b13cfb16ffb101ce8cfa958a2baf56fe4699ec3472ecd8f9899722b699b95d0b0e10e3bfa2f95ff231cb40df90be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
89d7fe44b55e13779e73f47795f3af6c

SHA1
83fa98479e22ecc223616dd5b8bf7600973d9965

SHA256
de804537e51273fad04ccd5b452c406f0b9059806e9b74bc908e7b4498501bb9

SHA512
e675d15951a24792f4bed6c68822bbe011529115241f5ba229e51ca8a6a7e49afd2c882dc86936841c8dc639e437356591286689606de8b2f6001da239bf9875

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
39053656b454fb08a2e25b71b67e3eab

SHA1
496fb7a71fd60a7c78b302fed6e7330ed9b7e10a

SHA256
ba2e42cfa45e5dcaab5155782fb795b379432ac08afa4ba7fd994c73837d9067

SHA512
faea785651cf9216984d39f6338e10a5935d62b33a84001c760cabf464a56c2ac1661ebc624456c600056b3912bdaebc1ade51ed95ae706cf152da78c73457dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe582083.TMP

Filesize
204B

MD5
a92f2ea73bb1f3baa5508ffb1a9b986e

SHA1
8b808a7298783f6cf821f77deb71b0c4e3395f36

SHA256
bde68014870d57f0776bc3b79cbaad0643f314e302da13460990bcfc1c477d64

SHA512
ec35eb8b58a8abe2de4c9913eba84696b97f2291f2432e4e786f79899a134ca091316261d99088aaca92bacaf469cdd631d9031ef7d20cabb46d36cfe9a07a8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
96b6e2b8c04bc34059c14aeae7f8343a

SHA1
20bf1bf6c649398a0f41fc0cd36d45579bac8f54

SHA256
e935a497e8d1bde44fe4308f6a81bf978ede7e96577b7dbc35f978752c4df313

SHA512
433c36231238f1711b8c758aa4bed6ac30a644e0c5270e2691121dd7c41bbab1173b556efda6299caa3216748f38029bd82e5817299b59fa60d1f45ab513e14e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response