8.8.8.8:53

8.8.8.8:53

172.67.171.93:80

GET /bforslund@montrose-env.com HTTP/1.1
Host: bsif64.farmboyusa.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Jan 2025 17:26:42 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Jan 2025 18:26:42 GMT
Location: https://bsif64.farmboyusa.com/bforslund@montrose-env.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xMKslcj7CRziR%2FXG8NqOzZQR25WAmXPjDgm3DTjNiqsO4RWwQQHA4o9Hgqjk1AK2z5NFfF7s5eH6ionfcVgctDQcY6k3Zfk5jwsjI5S3b1jsXtjF01qEXsZN7YqbYoCXxNitaFfZWE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8fdd6a23e85c77a2-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=48677&min_rtt=48677&rtt_var=24338&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=479&delivery_rate=0&cwnd=242&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

172.67.171.93:443

GET /bforslund@montrose-env.com HTTP/2.0
host: bsif64.farmboyusa.com
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 302
date: Mon, 06 Jan 2025 17:26:43 GMT
content-type: text/html; charset=utf-8
location: https://login-microsoftonline.bossdesk.org/pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb#C0Y0JnVxanNkdDBENCYxMyYxMyZCMSZDNCY6MyY5MyZpdGJJb3BqdWJkcE1ob2p0VmVicG1mczEzJkU0JjEzJmVicG1vcC94cGVvangxMyYxMyYxMyYxMyZCMSZFOCYxMyYxMyYxMyYxMyZCMSZDNCYzMyZucGQvd29mLmZ0cHN1b3BuQWVvdm10c3BnYzMzJjEzJkU0JjEzJml0Ymkvb3BqdWJkcG0veHBlb2p4MTMmMTMmMTMmMTMmMTMmMTMmQjEmQzgmMTMmRjQmRTQmMTMmOjMmOTMmMTMmRTQmMTMmaXRiSW9wanViZHBNaG9qdFZlYnBtZnMxMyZ1dG9wZDEzJjEzJjEzJjEzJkIxJkY0JjMzJnVxanNkdGJ3YmszMyZFNCZob2JtMTMmdXFqc2R0RDQmMTMmQjEmRjQmdXFqc2R0MEQ0JjEzJkY0JjMzJnRrL2JpZHVxYmQwbnBkL3tmc2J2a2dmanQveHh4MDBCNCZ0cXV1aTMzJkU0JmRzdDEzJnVxanNkdEQ0Jgs
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6mS43zHAs4KwfLhyPO3iaazUEA%2BwmlvuRT8ne0Gaj%2BLqyodF20y3IWwXwUR7j%2FCvWMW7AVW22mDRL9iDN9sgF7udP5Vh6POMkwpVRWmDTcEGzO8lXLQ683l%2BFBeIuYENZiD7Hr%2BxpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdd6a250e3594f0-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=47533&min_rtt=46931&rtt_var=13826&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1186&delivery_rate=57829&cwnd=252&unsent_bytes=0&cid=15eb3b58ba407cb1&ts=357&x=0"

172.67.171.93:443

GET /A/bforslund@montrose-env.com HTTP/2.0
host: swy8r6.farmboyusa.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 302
date: Mon, 06 Jan 2025 17:26:51 GMT
content-type: text/html; charset=utf-8
location: https://login-microsoftonline.bossdesk.org/ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu#C0Y0JnVxanNkdDBENCYxMyYxMyZCMSZDNCY6MyY5MyZpdGJJb3BqdWJkcE1ob2p0VmVicG1mczEzJkU0JjEzJmVicG1vcC94cGVvangxMyYxMyYxMyYxMyZCMSZFOCYxMyYxMyYxMyYxMyZCMSZDNCYzMyZucGQvd29mLmZ0cHN1b3BuQWVvdm10c3BnYzMzJjEzJkU0JjEzJml0Ymkvb3BqdWJkcG0veHBlb2p4MTMmMTMmMTMmMTMmMTMmMTMmQjEmQzgmMTMmRjQmRTQmMTMmOjMmOTMmMTMmRTQmMTMmaXRiSW9wanViZHBNaG9qdFZlYnBtZnMxMyZ1dG9wZDEzJjEzJjEzJjEzJkIxJkY0JjMzJnVxanNkdGJ3YmszMyZFNCZob2JtMTMmdXFqc2R0RDQmMTMmQjEmRjQmdXFqc2R0MEQ0JjEzJkY0JjMzJnRrL3lmZW9qMG5wZC97ZnNidmtnZmp0L3h4eDAwQjQmdHF1dWkzMyZFNCZkc3QxMyZ1cWpzZHRENCYL
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qeci6Zsqm1yLZBV38vf4eYQHA%2BMcHLzjsga6QhTuSsfbP565kTd0dp4%2Fxp6qj5s0TnMl8HGDqaF%2BomqIoUR%2Bt623ufHTslXklXM0XvSlReDjh%2BlxuCgJS3Bsp7s%2BsdJ%2FEgh5fOyMBPY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdd6a5c5ff394f0-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=47450&min_rtt=46931&rtt_var=7921&sent=11&recv=11&lost=0&retrans=0&sent_bytes=5734&recv_bytes=1319&delivery_rate=114951&cwnd=256&unsent_bytes=0&cid=15eb3b58ba407cb1&ts=9227&x=0"

8.8.8.8:53

172.66.47.10:443

GET /pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb HTTP/2.0
host: login-microsoftonline.bossdesk.org
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qpc28hZj%2BOdvqqpSOD3MUYrFj8%2FwRD9cFZJpU5m%2BraCCEaRbV1io4i8AxTSudrAYo%2F3KxIBqqm%2FPyqw2XU6t8xdaratb6%2FsLbNIzOBGvkTFjQOOEforPJbm2291pu0Vxz3lTvtDb3g%2Fm4JNTqXQaOfdiLd7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a285d7f8873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=47187&min_rtt=47138&rtt_var=13355&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2819&recv_bytes=1279&delivery_rate=57563&cwnd=252&unsent_bytes=0&cid=55cde6b76dc4b964&ts=176&x=0"

172.66.47.10:443

GET /favicon.ico HTTP/2.0
host: login-microsoftonline.bossdesk.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://login-microsoftonline.bossdesk.org/pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdbjVRc8DCrmQ%2FDNmm5e5NXGnIy6VqPGTWdhuGeNBZFKL%2BRZcRBkh0BxX2tuX%2FQkfV3JpIu89PKlCIsXTkiux0DjT4It%2FtgGlvz%2FyRZ0oNPqiBp9dfMNRKNuq1QPFnUynA2kokgL4XLinFkVfzWBALqE3BfZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a329a368873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=53750&min_rtt=47138&rtt_var=20425&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3919&recv_bytes=1540&delivery_rate=57563&cwnd=255&unsent_bytes=0&cid=55cde6b76dc4b964&ts=1744&x=0"

172.66.47.10:443

GET /ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu HTTP/2.0
host: login-microsoftonline.bossdesk.org
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:51 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhSX4nh0N4vW2LHkODGN6Cqhwv7Ruk4%2B1Fk4ustw91h4ToymunCB0lxykteURBSFMtai7m%2B5fhOrD1ljAHYjpKnzvPIjOqwZl8dv0dNfY75V%2FSftxGzXg%2BI1L8627QIa1nOrHbQpWxbLzxw0iSiPxD3AA%2BgS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a5eac508873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=52712&min_rtt=47138&rtt_var=13288&sent=15&recv=14&lost=0&retrans=0&sent_bytes=4791&recv_bytes=1740&delivery_rate=109889&cwnd=257&unsent_bytes=0&cid=55cde6b76dc4b964&ts=8803&x=0"

172.66.47.10:443

GET /favicon.ico HTTP/2.0
host: login-microsoftonline.bossdesk.org
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://login-microsoftonline.bossdesk.org/ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8DCv9RIIm0j1xm%2Bfdb8BL3P7SsjhBq4naWE87MjKPEUN6d6iYDugAOdjS5CSNSJZxbJLD7msnZqw7qgSQiLlKTYGsOP%2B4zSiLxnbGEcAxKTngrGiiKLq7ysNXwiFUn%2B6dAoCxYkDf%2F2FkJpKG1lzUaoJnVI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a63baae8873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=52273&min_rtt=47138&rtt_var=8190&sent=20&recv=17&lost=0&retrans=0&sent_bytes=5661&recv_bytes=1938&delivery_rate=109889&cwnd=257&unsent_bytes=0&cid=55cde6b76dc4b964&ts=9626&x=0"

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

172.66.47.10:443

GET /captcha.js HTTP/2.0
host: www.siefjuarez.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:43 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f2eb4e339d876432bf78458ccdbb6aa9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SuLtIAVk1jh%2Fa9Z6M9lq2dzxs0bkEtM%2BCUAiYsQ7l6brgko2NdR5TIMShuKhgYdWzUl1WEl0nUys%2Bgcta5X2YRGGYIoxQlnLFmmYVb6pX%2BCNDF2N3UYXYaphCryF2ZX9hxCAa3k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a2b6be9f654-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=48843&min_rtt=46845&rtt_var=18994&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2805&recv_bytes=1121&delivery_rate=57935&cwnd=251&unsent_bytes=0&cid=53cc2478d0b92978&ts=99&x=0"

172.66.47.10:443

GET /index.js HTTP/2.0
host: www.siefjuarez.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:52 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3d5cf3216d60da009da3b889449eaaea"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAU9Zcoo4DRnAFh0ssSh65iijUVIiLhXb79Uui6O9IcgNfd%2B54Am5twsyE%2FZLDEuDuavf0DsKx6AG1Ld6Eq%2FM%2FMUVk9CIacZL5rE2fD0SktuEuL9rQvSTd5I38tytp%2BVqOecbwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a6138a0f654-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=58266&min_rtt=46845&rtt_var=14480&sent=25&recv=23&lost=0&retrans=0&sent_bytes=16204&recv_bytes=1212&delivery_rate=296618&cwnd=257&unsent_bytes=0&cid=53cc2478d0b92978&ts=8695&x=0"

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

104.18.95.41:443

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 302
date: Mon, 06 Jan 2025 17:26:44 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/849bfe45bf45/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a2d3adbef46-LHR
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

GET /turnstile/v0/g/849bfe45bf45/api.js HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 02 Jan 2025 13:52:36 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fdd6a2f8a4bef46-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/ HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
server: cloudflare
cf-ray: 8fdd6a2ffbbbef46-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8fdd6a310edaef46-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdd6a2ffbbbef46&lang=auto HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8fdd6a30feb8ef46-LHR
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD HTTP/2.0
host: challenges.cloudflare.com
content-length: 3854
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
cf-chl-retryattempt: 0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: Bbx5DmEzWdVTXY2X5qVS+gTF6yUqWJ69iBpB6idT2WCwD6LC/lwwr+O+pGjOnyHdaiZ4RPrqLi/KrPCxzFOLJkznTsU1BH30xXPbDQJlCHQRoYa8oiTUA7zYBVvln3mAC3ipXC8KX4ouwc2SVUefzVW8JTF7uLLfo4fcKMimGHG6TSkT1FDkzgiHSKz6y3MeEj2vrcXnWfc4Kid5OLqR/3pPr7qMOIiOKhO+k6qNngzRj88G/Gm4qgdOhoYCiLzE9Mn+VN8E7FygUSDhOqLyt04+TeIyeFDyRHRZwsrXuo4/TxnGpDoCa9QtD6cmW6cUT+fDJCWNMQlInuxqNmI364HoRumKbA4ZAxvrI1LTJSTjXt+elGr14sGOHslvh9tcT6E8JxZmXw4fQRRPx57+uOx8idThgRiTfcnijLu6JTaOf4UQ/PGayWfkqfFvW71VHkkW537BrZdHcogMImnswZBOykeC$DZwprQ5XouMWhz0i
server: cloudflare
cf-ray: 8fdd6a328b65ef46-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

GET /cdn-cgi/challenge-platform/h/g/i/8fdd6a2ffbbbef46/1736184404899/3Hkje4f1dIXXJ-B HTTP/2.0
host: challenges.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:46 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8fdd6a3a0c8fef46-LHR
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

GET /cdn-cgi/challenge-platform/h/g/pat/8fdd6a2ffbbbef46/1736184404900/1edb60493e3595cc042976429fb35ff7677fa6db5097e38289d191f6af14d224/cuXWAmBLjaHQ4f9 HTTP/2.0
host: challenges.cloudflare.com
cache-control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 401
date: Mon, 06 Jan 2025 17:26:46 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gHttgST41lcwEKXZCn7Nf92d_pttQl-OCidGR9q8U0iQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIB7bYEk-NZXMBCl2Qp-zX_dnf6bbUJfjgonRkfavFNIkABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIB7bYEk-NZXMBCl2Qp-zX_dnf6bbUJfjgonRkfavFNIkABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA0Bg4_P76wfMEmDzHK9N8yyWImWxay1z7HPRnKoNyIW_Kt8Rk4JPinNDLa3LlBgTYMoR4v3RICP4X4zaAzY3cxkst6Rpr-Py-3J7VIv4tDxbhYpyAJpzUm3uLOHmGHY_CoipSic72M1Fa_ltrFceiOzvXMAMmq9kyyOOtf9OkrAyjZjlUWJke61DQJEIuvkzoa1TZ0vzYhu0Tk_PmJkQB7g-FiJne2dp-7uJFizTT0oatWJgKSOcI9bZpT__32BhyfyCjE-1JMrNXglwYWKaIdnnmWh-1b9zPsCSav_GOwSPUyhyqOykRladYl-k7vKxZJ2AtvfObQaF5muLp21p9sQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8fdd6a3b793fef46-LHR
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD HTTP/2.0
host: challenges.cloudflare.com
content-length: 30266
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
cf-chl-retryattempt: 0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:46 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: E7CuZryjXm8k6RP4e8ZXPtoydOD9qZUtBp7OAuOH1JBwNv/4ZlDgjfdf+Y6UQF+611c=$JVT2oRwoi+f8KN4/
server: cloudflare
cf-ray: 8fdd6a3d6f97ef46-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.18.95.41:443

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD HTTP/2.0
host: challenges.cloudflare.com
content-length: 32568
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
cf-chl-retryattempt: 0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
cf-challenge: l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
content-type: application/x-www-form-urlencoded
accept: */*
origin: https://challenges.cloudflare.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:50 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: 5wT/z/cy1xam+iIn5OiDllIiincovFwaKCHYB/rwuazTZmhzCz5Qn8K5fLrhamajZGW28//hD8u5u1JBafUKx462La9HRV9gjMNGAx+dFsEj21Z1OuOAb6xfaR/p7Lo8XYuI21SicC/VDRp+skpGkKZg0dNSLV+HzRZMRkxs4HaOC2EqAyvFdWZnhXELPJwcP0pbuY5brP/BxMqFEvem6l3Qwyjcq97nw53IbHP+YS8nhCzIPVErZeNE5uCFj0NIPy6WhCj6r7xil0cIgRB1YDq6nogJdt3EWqXzTnvchYpsCwtoCjUNz6jAl4pUM4XdWwgvugtVnu5aiK/dJy+LyjWonWx2uxrfukONMgpmPv7DuQPDAMtdympKdHRecg5P/QoVjazWNSGzocv4ewknGpPDwwSbXPVlP4REUerDK2AhUO/NPfj6TNC2zCdnu1qrk+wgPkkQrrwpWLZBuajMQDWczLOmim+qeWLHCvKrtmyR7k8x6J8kmNTpIiJ1dd9mw2SuAwBRurpjNp07Lae0FuHOLCv5zO1XmqBpbUNYlBFHoQGZaDAPue9QVXjm4389ti/D8YHjjdRsv/3SmHMfNpYhVobR2Z4LaCzlTKMmHlte7SnQrcSvQ8ViiReVp1a6tQ+4tHAF0lx1DXCh9ZFWyxxUe3rg/9gRsBtxwGRJsrhJN2cvvVoLvMtwPNu72+saFWnXjhbFKp3b0PKirYnwhOoQ5mvu2FfBPaMm4hyD3m867e/ItSsMmxpX3UBFp6agpWPrSuG9QrI38TnEBQjuqHWyazzzV9r2Qi/pbE8CJHGU6bHZk6+EoBx9GARz4WLXn1zWownlorpbpWbae/nF21IREUSO/CyTyQbRb6jsNwLWN+NNJsvlfOD272EE3F7CN5GOXZJa0+ZCXFiY5uHb/p0PZrZNdY9wNR8kWvmsrgYwmeMmF4/e9R6vNkQ9axLIZLzNF6DxEqVVJodkJp7X7KRh6vTAXOLjaWDAT3bpOlcNYKofLDdh/mGss2aCjr31+VY0bISL9hRFpewEGhyaZouaIETJ+iPBSfh1DeKbqly25Tn5nr6qkuLT+jMWoijv9ODFSH1d8wIW8q999G5VV35qLfAahYID$R3qF0iZ8yLww+6Kx
cf-chl-out: S9UYYah/3Wa+LjCcYEMpFRRey0s26ApKJNLy0JFeFQjCdFhFR5oI5zedD9+xBBGXcUSDwH+w++GnAgFDuODhqZOopG4tMdpED8SwGm44Rw==$KCtPAcQdTxsXOrJ/
server: cloudflare
cf-ray: 8fdd6a54fdc7ef46-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

104.19.230.21:443

GET /1/api.js HTTP/2.0
host: js.hcaptcha.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: application/javascript
content-length: 48184
content-encoding: gzip
cache-control: max-age=300
etag: "180b69f6bf96d221e8ae6e915712d32f"
vary: accept-encoding
vary: Origin
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8fdd6a2d48796442-LHR

104.19.230.21:443

GET /captcha/v1/b4956db/static/hcaptcha.html HTTP/2.0
host: newassets.hcaptcha.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: text/html
cache-control: max-age=3600
vary: accept-encoding
vary: Origin
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
server: cloudflare
cf-ray: 8fdd6a2e293a6442-LHR
content-encoding: br

104.19.230.21:443

POST /checksiteconfig?v=b4956db&host=login-microsoftonline.bossdesk.org&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=0 HTTP/2.0
host: api2.hcaptcha.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
origin: https://newassets.hcaptcha.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://newassets.hcaptcha.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: application/json
content-length: 772
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vk2VKwPbLoawFiy4sSqK1JbQoGkPQSsCrbBoVQR; SameSite=None; Secure; path=/; expires=Mon, 06-Jan-25 17:56:44 GMT; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fdd6a2fbaa26442-LHR
alt-svc: h3=":443"; ma=86400

104.19.230.21:443

GET /c/fe8bf5a16a9db504f8aba2aec3f8f5eb2c013bd8a80f6268abbae03fe760d754/hsw.js HTTP/2.0
host: newassets.hcaptcha.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://newassets.hcaptcha.com/captcha/v1/b4956db/static/hcaptcha.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Mon, 06 Jan 2025 17:26:44 GMT
content-type: application/javascript
content-encoding: gzip
cache-control: max-age=3024000
etag: W/"b231d6ca7477c9dc56545e2dfec383bc"
vary: accept-encoding
vary: Origin
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8fdd6a304b516442-LHR

13.249.9.96:443

GET /files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png HTTP/2.0
host: findicons.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 301
content-length: 0
location: https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
server: CloudFront
date: Fri, 03 Jan 2025 02:41:54 GMT
x-cache: Hit from cloudfront
via: 1.1 3d31b9207a0bab7982999e9846baee80.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG53-C1
x-amz-cf-id: S3umlH-BC2gvVPOur42CYQzOk3vHuJrcvruVo8g9Re4eSzRJ4YnMuw==
age: 312290

8.8.8.8:53

8.8.8.8:53

3.164.163.127:80

GET /rootg2.cer HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: crt.rootg2.amazontrust.com

HTTP/1.1 200 OK
Content-Type: binary/octet-stream
Content-Length: 1145
Connection: keep-alive
Last-Modified: Thu, 02 Jan 2025 12:12:02 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 8BDeZh_YQ77uc8Ttu_yUu.f3QcyIWl9E
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 06 Jan 2025 14:16:37 GMT
ETag: "c6150925cfea5941ddc7ff2a0a506692"
X-Cache: Hit from cloudfront
Via: 1.1 b7c17dda962249acad4693c264f9df0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG55-P3
X-Amz-Cf-Id: BeWSzAnATJ3aibaFccl91pXPc0zaCjpeTRpbxI0JA1shqYT08RvOkA==
Age: 11408

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

18.245.199.28:443

GET /fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons HTTP/2.0
host: images.freeimages.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
content-type: image/png
content-length: 254
date: Mon, 08 Jul 2024 20:25:55 GMT
last-modified: Tue, 20 Dec 2022 05:17:19 GMT
etag: "57ab754695eb0a2c74201ecd6948c12f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 80aba93d53aa5c566027db2247a3a1ee.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG55-P2
x-amz-cf-id: w4YnydmZwX0kLFU5sqE6YZcBtZUnu2W1heikQxm_FYudj07PMpif3g==
age: 15714049
x-xss-protection: 1; mode=block
x-frame-options: DENY
referrer-policy: origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

172.217.16.234:443

GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

104.21.57.169:443

GET /6bc3218f-0083-4afe-aaa4-510712e1c21b/p5Qw9X8rN3.php HTTP/2.0
host: work.foundationacademy.su
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: */*
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
origin: https://login-microsoftonline.bossdesk.org
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://login-microsoftonline.bossdesk.org/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 404
date: Mon, 06 Jan 2025 17:26:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=gke2oqvcdue45ga3q24cccohg8; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fdd6a661f366334-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=50648&min_rtt=48088&rtt_var=15341&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2822&recv_bytes=1149&delivery_rate=56438&cwnd=249&unsent_bytes=0&cid=8d239ae01d4b0133&ts=873&x=0"

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

35.190.80.1:443

OPTIONS /report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH HTTP/2.0
host: a.nel.cloudflare.com
origin: https://work.foundationacademy.su
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

35.190.80.1:443

POST /report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH HTTP/2.0
host: a.nel.cloudflare.com
content-length: 504
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53