Analysis

  • max time kernel
    840s
  • max time network
    845s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06/01/2025, 17:26 UTC

General

  • Target

    http://bsif64.farmboyusa.com/bforslund@montrose-env.com

Score
7/10

Malware Config

Signatures

  • A potential corporate email address has been identified in the URL: bforslund@montrose-env.com
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://bsif64.farmboyusa.com/bforslund@montrose-env.com
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2384
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa5c046f8,0x7fffa5c04708,0x7fffa5c04718
      2⤵
        PID:5044
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2212 /prefetch:2
        2⤵
          PID:4540
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2124
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
          2⤵
            PID:744
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
            2⤵
              PID:3688
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
              2⤵
                PID:3680
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
                2⤵
                  PID:2168
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
                  2⤵
                    PID:3960
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4812 /prefetch:1
                    2⤵
                      PID:4432
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
                      2⤵
                        PID:1312
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5940 /prefetch:1
                        2⤵
                          PID:1892
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
                          2⤵
                            PID:4852
                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6296 /prefetch:8
                            2⤵
                              PID:3712
                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6296 /prefetch:8
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:1716
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5692 /prefetch:1
                              2⤵
                                PID:3144
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
                                2⤵
                                  PID:4860
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6056 /prefetch:1
                                  2⤵
                                    PID:4684
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,7824391110095271290,803145996269428826,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:1808
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:2092
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:1776

                                    Network

                                    • flag-us
                                      DNS
                                      8.8.8.8.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      8.8.8.8.in-addr.arpa
                                      IN PTR
                                      Response
                                      8.8.8.8.in-addr.arpa
                                      IN PTR
                                      dnsgoogle
                                    • flag-us
                                      DNS
                                      bsif64.farmboyusa.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      bsif64.farmboyusa.com
                                      IN A
                                      Response
                                      bsif64.farmboyusa.com
                                      IN A
                                      172.67.171.93
                                      bsif64.farmboyusa.com
                                      IN A
                                      104.21.29.51
                                    • flag-us
                                      GET
                                      http://bsif64.farmboyusa.com/bforslund@montrose-env.com
                                      msedge.exe
                                      Remote address:
                                      172.67.171.93:80
                                      Request
                                      GET /bforslund@montrose-env.com HTTP/1.1
                                      Host: bsif64.farmboyusa.com
                                      Connection: keep-alive
                                      DNT: 1
                                      Upgrade-Insecure-Requests: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Date: Mon, 06 Jan 2025 17:26:42 GMT
                                      Content-Type: text/html
                                      Content-Length: 167
                                      Connection: keep-alive
                                      Cache-Control: max-age=3600
                                      Expires: Mon, 06 Jan 2025 18:26:42 GMT
                                      Location: https://bsif64.farmboyusa.com/bforslund@montrose-env.com
                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xMKslcj7CRziR%2FXG8NqOzZQR25WAmXPjDgm3DTjNiqsO4RWwQQHA4o9Hgqjk1AK2z5NFfF7s5eH6ionfcVgctDQcY6k3Zfk5jwsjI5S3b1jsXtjF01qEXsZN7YqbYoCXxNitaFfZWE%3D"}],"group":"cf-nel","max_age":604800}
                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      Vary: Accept-Encoding
                                      Server: cloudflare
                                      CF-RAY: 8fdd6a23e85c77a2-LHR
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=48677&min_rtt=48677&rtt_var=24338&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=479&delivery_rate=0&cwnd=242&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
                                    • flag-us
                                      GET
                                      https://bsif64.farmboyusa.com/bforslund@montrose-env.com
                                      msedge.exe
                                      Remote address:
                                      172.67.171.93:443
                                      Request
                                      GET /bforslund@montrose-env.com HTTP/2.0
                                      host: bsif64.farmboyusa.com
                                      dnt: 1
                                      upgrade-insecure-requests: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: none
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 302
                                      date: Mon, 06 Jan 2025 17:26:43 GMT
                                      content-type: text/html; charset=utf-8
                                      location: https://login-microsoftonline.bossdesk.org/pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb#
                                      cache-control: no-store, no-cache, must-revalidate, max-age=0
                                      pragma: no-cache
                                      expires: 0
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6mS43zHAs4KwfLhyPO3iaazUEA%2BwmlvuRT8ne0Gaj%2BLqyodF20y3IWwXwUR7j%2FCvWMW7AVW22mDRL9iDN9sgF7udP5Vh6POMkwpVRWmDTcEGzO8lXLQ683l%2BFBeIuYENZiD7Hr%2BxpU%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 8fdd6a250e3594f0-LHR
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=47533&min_rtt=46931&rtt_var=13826&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2823&recv_bytes=1186&delivery_rate=57829&cwnd=252&unsent_bytes=0&cid=15eb3b58ba407cb1&ts=357&x=0"
                                    • flag-us
                                      GET
                                      https://swy8r6.farmboyusa.com/A/bforslund@montrose-env.com
                                      msedge.exe
                                      Remote address:
                                      172.67.171.93:443
                                      Request
                                      GET /A/bforslund@montrose-env.com HTTP/2.0
                                      host: swy8r6.farmboyusa.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 302
                                      date: Mon, 06 Jan 2025 17:26:51 GMT
                                      content-type: text/html; charset=utf-8
                                      location: https://login-microsoftonline.bossdesk.org/ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu#
                                      cache-control: no-store, no-cache, must-revalidate, max-age=0
                                      pragma: no-cache
                                      expires: 0
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qeci6Zsqm1yLZBV38vf4eYQHA%2BMcHLzjsga6QhTuSsfbP565kTd0dp4%2Fxp6qj5s0TnMl8HGDqaF%2BomqIoUR%2Bt623ufHTslXklXM0XvSlReDjh%2BlxuCgJS3Bsp7s%2BsdJ%2FEgh5fOyMBPY%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 8fdd6a5c5ff394f0-LHR
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=47450&min_rtt=46931&rtt_var=7921&sent=11&recv=11&lost=0&retrans=0&sent_bytes=5734&recv_bytes=1319&delivery_rate=114951&cwnd=256&unsent_bytes=0&cid=15eb3b58ba407cb1&ts=9227&x=0"
                                    • flag-us
                                      DNS
                                      login-microsoftonline.bossdesk.org
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      login-microsoftonline.bossdesk.org
                                      IN A
                                      Response
                                      login-microsoftonline.bossdesk.org
                                      IN CNAME
                                      mate1313.pages.dev
                                      mate1313.pages.dev
                                      IN A
                                      172.66.47.10
                                      mate1313.pages.dev
                                      IN A
                                      172.66.44.246
                                    • flag-us
                                      GET
                                      https://login-microsoftonline.bossdesk.org/pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb
                                      msedge.exe
                                      Remote address:
                                      172.66.47.10:443
                                      Request
                                      GET /pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb HTTP/2.0
                                      host: login-microsoftonline.bossdesk.org
                                      dnt: 1
                                      upgrade-insecure-requests: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: none
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:43 GMT
                                      content-type: text/html; charset=utf-8
                                      access-control-allow-origin: *
                                      cache-control: public, max-age=0, must-revalidate
                                      referrer-policy: strict-origin-when-cross-origin
                                      x-content-type-options: nosniff
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qpc28hZj%2BOdvqqpSOD3MUYrFj8%2FwRD9cFZJpU5m%2BraCCEaRbV1io4i8AxTSudrAYo%2F3KxIBqqm%2FPyqw2XU6t8xdaratb6%2FsLbNIzOBGvkTFjQOOEforPJbm2291pu0Vxz3lTvtDb3g%2Fm4JNTqXQaOfdiLd7p"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a285d7f8873-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=47187&min_rtt=47138&rtt_var=13355&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2819&recv_bytes=1279&delivery_rate=57563&cwnd=252&unsent_bytes=0&cid=55cde6b76dc4b964&ts=176&x=0"
                                    • flag-us
                                      GET
                                      https://login-microsoftonline.bossdesk.org/favicon.ico
                                      msedge.exe
                                      Remote address:
                                      172.66.47.10:443
                                      Request
                                      GET /favicon.ico HTTP/2.0
                                      host: login-microsoftonline.bossdesk.org
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://login-microsoftonline.bossdesk.org/pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: text/html; charset=utf-8
                                      access-control-allow-origin: *
                                      cache-control: public, max-age=0, must-revalidate
                                      referrer-policy: strict-origin-when-cross-origin
                                      x-content-type-options: nosniff
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdbjVRc8DCrmQ%2FDNmm5e5NXGnIy6VqPGTWdhuGeNBZFKL%2BRZcRBkh0BxX2tuX%2FQkfV3JpIu89PKlCIsXTkiux0DjT4It%2FtgGlvz%2FyRZ0oNPqiBp9dfMNRKNuq1QPFnUynA2kokgL4XLinFkVfzWBALqE3BfZ"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a329a368873-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=53750&min_rtt=47138&rtt_var=20425&sent=10&recv=11&lost=0&retrans=0&sent_bytes=3919&recv_bytes=1540&delivery_rate=57563&cwnd=255&unsent_bytes=0&cid=55cde6b76dc4b964&ts=1744&x=0"
                                    • flag-us
                                      GET
                                      https://login-microsoftonline.bossdesk.org/ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu
                                      msedge.exe
                                      Remote address:
                                      172.66.47.10:443
                                      Request
                                      GET /ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu HTTP/2.0
                                      host: login-microsoftonline.bossdesk.org
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:51 GMT
                                      content-type: text/html; charset=utf-8
                                      access-control-allow-origin: *
                                      cache-control: public, max-age=0, must-revalidate
                                      referrer-policy: strict-origin-when-cross-origin
                                      x-content-type-options: nosniff
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhSX4nh0N4vW2LHkODGN6Cqhwv7Ruk4%2B1Fk4ustw91h4ToymunCB0lxykteURBSFMtai7m%2B5fhOrD1ljAHYjpKnzvPIjOqwZl8dv0dNfY75V%2FSftxGzXg%2BI1L8627QIa1nOrHbQpWxbLzxw0iSiPxD3AA%2BgS"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a5eac508873-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=52712&min_rtt=47138&rtt_var=13288&sent=15&recv=14&lost=0&retrans=0&sent_bytes=4791&recv_bytes=1740&delivery_rate=109889&cwnd=257&unsent_bytes=0&cid=55cde6b76dc4b964&ts=8803&x=0"
                                    • flag-us
                                      GET
                                      https://login-microsoftonline.bossdesk.org/favicon.ico
                                      msedge.exe
                                      Remote address:
                                      172.66.47.10:443
                                      Request
                                      GET /favicon.ico HTTP/2.0
                                      host: login-microsoftonline.bossdesk.org
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://login-microsoftonline.bossdesk.org/ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:52 GMT
                                      content-type: text/html; charset=utf-8
                                      access-control-allow-origin: *
                                      cache-control: public, max-age=0, must-revalidate
                                      referrer-policy: strict-origin-when-cross-origin
                                      x-content-type-options: nosniff
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8DCv9RIIm0j1xm%2Bfdb8BL3P7SsjhBq4naWE87MjKPEUN6d6iYDugAOdjS5CSNSJZxbJLD7msnZqw7qgSQiLlKTYGsOP%2B4zSiLxnbGEcAxKTngrGiiKLq7ysNXwiFUn%2B6dAoCxYkDf%2F2FkJpKG1lzUaoJnVI"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a63baae8873-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=52273&min_rtt=47138&rtt_var=8190&sent=20&recv=17&lost=0&retrans=0&sent_bytes=5661&recv_bytes=1938&delivery_rate=109889&cwnd=257&unsent_bytes=0&cid=55cde6b76dc4b964&ts=9626&x=0"
                                    • flag-us
                                      DNS
                                      228.249.119.40.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      228.249.119.40.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      93.171.67.172.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      93.171.67.172.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      73.159.190.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      73.159.190.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      172.210.232.199.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      172.210.232.199.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      95.221.229.192.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      95.221.229.192.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      www.siefjuarez.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      www.siefjuarez.com
                                      IN A
                                      Response
                                      www.siefjuarez.com
                                      IN CNAME
                                      mate1313.pages.dev
                                      mate1313.pages.dev
                                      IN A
                                      172.66.47.10
                                      mate1313.pages.dev
                                      IN A
                                      172.66.44.246
                                    • flag-us
                                      GET
                                      https://www.siefjuarez.com/captcha.js
                                      msedge.exe
                                      Remote address:
                                      172.66.47.10:443
                                      Request
                                      GET /captcha.js HTTP/2.0
                                      host: www.siefjuarez.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:43 GMT
                                      content-type: text/javascript; charset=utf-8
                                      access-control-allow-origin: *
                                      cache-control: public, max-age=0, must-revalidate
                                      etag: W/"f2eb4e339d876432bf78458ccdbb6aa9"
                                      referrer-policy: strict-origin-when-cross-origin
                                      x-content-type-options: nosniff
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SuLtIAVk1jh%2Fa9Z6M9lq2dzxs0bkEtM%2BCUAiYsQ7l6brgko2NdR5TIMShuKhgYdWzUl1WEl0nUys%2Bgcta5X2YRGGYIoxQlnLFmmYVb6pX%2BCNDF2N3UYXYaphCryF2ZX9hxCAa3k%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a2b6be9f654-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=48843&min_rtt=46845&rtt_var=18994&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2805&recv_bytes=1121&delivery_rate=57935&cwnd=251&unsent_bytes=0&cid=53cc2478d0b92978&ts=99&x=0"
                                    • flag-us
                                      GET
                                      https://www.siefjuarez.com/index.js
                                      msedge.exe
                                      Remote address:
                                      172.66.47.10:443
                                      Request
                                      GET /index.js HTTP/2.0
                                      host: www.siefjuarez.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:52 GMT
                                      content-type: text/javascript; charset=utf-8
                                      access-control-allow-origin: *
                                      cache-control: public, max-age=0, must-revalidate
                                      etag: W/"3d5cf3216d60da009da3b889449eaaea"
                                      referrer-policy: strict-origin-when-cross-origin
                                      x-content-type-options: nosniff
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAU9Zcoo4DRnAFh0ssSh65iijUVIiLhXb79Uui6O9IcgNfd%2B54Am5twsyE%2FZLDEuDuavf0DsKx6AG1Ld6Eq%2FM%2FMUVk9CIacZL5rE2fD0SktuEuL9rQvSTd5I38tytp%2BVqOecbwI%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a6138a0f654-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=58266&min_rtt=46845&rtt_var=14480&sent=25&recv=23&lost=0&retrans=0&sent_bytes=16204&recv_bytes=1212&delivery_rate=296618&cwnd=257&unsent_bytes=0&cid=53cc2478d0b92978&ts=8695&x=0"
                                    • flag-us
                                      DNS
                                      challenges.cloudflare.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      challenges.cloudflare.com
                                      IN A
                                      Response
                                      challenges.cloudflare.com
                                      IN A
                                      104.18.95.41
                                      challenges.cloudflare.com
                                      IN A
                                      104.18.94.41
                                    • flag-us
                                      DNS
                                      js.hcaptcha.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      js.hcaptcha.com
                                      IN A
                                      Response
                                      js.hcaptcha.com
                                      IN A
                                      104.19.230.21
                                      js.hcaptcha.com
                                      IN A
                                      104.19.229.21
                                    • flag-us
                                      DNS
                                      findicons.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      findicons.com
                                      IN A
                                      Response
                                      findicons.com
                                      IN A
                                      13.249.9.96
                                      findicons.com
                                      IN A
                                      13.249.9.31
                                      findicons.com
                                      IN A
                                      13.249.9.79
                                      findicons.com
                                      IN A
                                      13.249.9.113
                                    • flag-us
                                      GET
                                      https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/2.0
                                      host: challenges.cloudflare.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 302
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-length: 0
                                      access-control-allow-origin: *
                                      cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
                                      cross-origin-resource-policy: cross-origin
                                      location: /turnstile/v0/g/849bfe45bf45/api.js
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a2d3adbef46-LHR
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://challenges.cloudflare.com/turnstile/v0/g/849bfe45bf45/api.js
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      GET /turnstile/v0/g/849bfe45bf45/api.js HTTP/2.0
                                      host: challenges.cloudflare.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: application/javascript; charset=UTF-8
                                      last-modified: Thu, 02 Jan 2025 13:52:36 GMT
                                      cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
                                      access-control-allow-origin: *
                                      cross-origin-resource-policy: cross-origin
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 8fdd6a2f8a4bef46-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/ HTTP/2.0
                                      host: challenges.cloudflare.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: iframe
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: text/html; charset=UTF-8
                                      cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                      permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                      content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
                                      cross-origin-embedder-policy: require-corp
                                      cross-origin-opener-policy: same-origin
                                      cross-origin-resource-policy: cross-origin
                                      origin-agent-cluster: ?1
                                      accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                      critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                      referrer-policy: same-origin
                                      document-policy: js-profiling
                                      server: cloudflare
                                      cf-ray: 8fdd6a2ffbbbef46-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/2.0
                                      host: challenges.cloudflare.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: application/javascript; charset=UTF-8
                                      cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                      server: cloudflare
                                      cf-ray: 8fdd6a310edaef46-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdd6a2ffbbbef46&lang=auto
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdd6a2ffbbbef46&lang=auto HTTP/2.0
                                      host: challenges.cloudflare.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: image/png
                                      content-length: 61
                                      cache-control: max-age=2629800, public
                                      server: cloudflare
                                      cf-ray: 8fdd6a30feb8ef46-LHR
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      POST
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD HTTP/2.0
                                      host: challenges.cloudflare.com
                                      content-length: 3854
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      cf-chl-retryattempt: 0
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      cf-challenge: l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
                                      content-type: application/x-www-form-urlencoded
                                      accept: */*
                                      origin: https://challenges.cloudflare.com
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: text/plain; charset=UTF-8
                                      server: cloudflare
                                      cf-ray: 8fdd6a328b65ef46-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8fdd6a2ffbbbef46/1736184404899/3Hkje4f1dIXXJ-B
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      GET /cdn-cgi/challenge-platform/h/g/i/8fdd6a2ffbbbef46/1736184404899/3Hkje4f1dIXXJ-B HTTP/2.0
                                      host: challenges.cloudflare.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:46 GMT
                                      content-type: image/png
                                      content-length: 61
                                      server: cloudflare
                                      cf-ray: 8fdd6a3a0c8fef46-LHR
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8fdd6a2ffbbbef46/1736184404900/1edb60493e3595cc042976429fb35ff7677fa6db5097e38289d191f6af14d224/cuXWAmBLjaHQ4f9
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      GET /cdn-cgi/challenge-platform/h/g/pat/8fdd6a2ffbbbef46/1736184404900/1edb60493e3595cc042976429fb35ff7677fa6db5097e38289d191f6af14d224/cuXWAmBLjaHQ4f9 HTTP/2.0
                                      host: challenges.cloudflare.com
                                      cache-control: max-age=0
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 401
                                      date: Mon, 06 Jan 2025 17:26:46 GMT
                                      content-type: text/plain; charset=utf-8
                                      content-length: 1
                                      www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gHttgST41lcwEKXZCn7Nf92d_pttQl-OCidGR9q8U0iQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIB7bYEk-NZXMBCl2Qp-zX_dnf6bbUJfjgonRkfavFNIkABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIB7bYEk-NZXMBCl2Qp-zX_dnf6bbUJfjgonRkfavFNIkABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA0Bg4_P76wfMEmDzHK9N8yyWImWxay1z7HPRnKoNyIW_Kt8Rk4JPinNDLa3LlBgTYMoR4v3RICP4X4zaAzY3cxkst6Rpr-Py-3J7VIv4tDxbhYpyAJpzUm3uLOHmGHY_CoipSic72M1Fa_ltrFceiOzvXMAMmq9kyyOOtf9OkrAyjZjlUWJke61DQJEIuvkzoa1TZ0vzYhu0Tk_PmJkQB7g-FiJne2dp-7uJFizTT0oatWJgKSOcI9bZpT__32BhyfyCjE-1JMrNXglwYWKaIdnnmWh-1b9zPsCSav_GOwSPUyhyqOykRladYl-k7vKxZJ2AtvfObQaF5muLp21p9sQIDAQAB", max-age=20
                                      server: cloudflare
                                      cf-ray: 8fdd6a3b793fef46-LHR
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      POST
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD HTTP/2.0
                                      host: challenges.cloudflare.com
                                      content-length: 30266
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      cf-chl-retryattempt: 0
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      cf-challenge: l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
                                      content-type: application/x-www-form-urlencoded
                                      accept: */*
                                      origin: https://challenges.cloudflare.com
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:46 GMT
                                      content-type: text/plain; charset=UTF-8
                                      cf-chl-gen: E7CuZryjXm8k6RP4e8ZXPtoydOD9qZUtBp7OAuOH1JBwNv/4ZlDgjfdf+Y6UQF+611c=$JVT2oRwoi+f8KN4/
                                      server: cloudflare
                                      cf-ray: 8fdd6a3d6f97ef46-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      POST
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
                                      msedge.exe
                                      Remote address:
                                      104.18.95.41:443
                                      Request
                                      POST /cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD HTTP/2.0
                                      host: challenges.cloudflare.com
                                      content-length: 32568
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      cf-chl-retryattempt: 0
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      cf-challenge: l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
                                      content-type: application/x-www-form-urlencoded
                                      accept: */*
                                      origin: https://challenges.cloudflare.com
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:50 GMT
                                      content-type: text/html; charset=UTF-8
                                      cf-chl-out: S9UYYah/3Wa+LjCcYEMpFRRey0s26ApKJNLy0JFeFQjCdFhFR5oI5zedD9+xBBGXcUSDwH+w++GnAgFDuODhqZOopG4tMdpED8SwGm44Rw==$KCtPAcQdTxsXOrJ/
                                      server: cloudflare
                                      cf-ray: 8fdd6a54fdc7ef46-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://js.hcaptcha.com/1/api.js
                                      msedge.exe
                                      Remote address:
                                      104.19.230.21:443
                                      Request
                                      GET /1/api.js HTTP/2.0
                                      host: js.hcaptcha.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: application/javascript
                                      content-length: 48184
                                      content-encoding: gzip
                                      cache-control: max-age=300
                                      etag: "180b69f6bf96d221e8ae6e915712d32f"
                                      vary: accept-encoding
                                      vary: Origin
                                      alt-svc: h3=":443"; ma=86400
                                      cf-cache-status: HIT
                                      accept-ranges: bytes
                                      strict-transport-security: max-age=31536000; includeSubDomains; preload
                                      x-content-type-options: nosniff
                                      age: 0
                                      cross-origin-resource-policy: cross-origin
                                      server: cloudflare
                                      cf-ray: 8fdd6a2d48796442-LHR
                                    • flag-us
                                      GET
                                      https://newassets.hcaptcha.com/captcha/v1/b4956db/static/hcaptcha.html
                                      msedge.exe
                                      Remote address:
                                      104.19.230.21:443
                                      Request
                                      GET /captcha/v1/b4956db/static/hcaptcha.html HTTP/2.0
                                      host: newassets.hcaptcha.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: iframe
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: text/html
                                      cache-control: max-age=3600
                                      vary: accept-encoding
                                      vary: Origin
                                      alt-svc: h3=":443"; ma=86400
                                      cf-cache-status: HIT
                                      strict-transport-security: max-age=31536000; includeSubDomains; preload
                                      x-content-type-options: nosniff
                                      content-security-policy: report-uri https://sentry.hcaptcha.com/api/6/security/?sentry_key=30910f52569b4c17b1081ead2dae43b4&sentry_environment=prod&sentry_release=csp1;
                                      server: cloudflare
                                      cf-ray: 8fdd6a2e293a6442-LHR
                                      content-encoding: br
                                    • flag-us
                                      POST
                                      https://api2.hcaptcha.com/checksiteconfig?v=b4956db&host=login-microsoftonline.bossdesk.org&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=0
                                      msedge.exe
                                      Remote address:
                                      104.19.230.21:443
                                      Request
                                      POST /checksiteconfig?v=b4956db&host=login-microsoftonline.bossdesk.org&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=0 HTTP/2.0
                                      host: api2.hcaptcha.com
                                      content-length: 0
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      accept: application/json
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      content-type: text/plain
                                      origin: https://newassets.hcaptcha.com
                                      sec-fetch-site: same-site
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://newassets.hcaptcha.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: application/json
                                      content-length: 772
                                      access-control-allow-credentials: true
                                      access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent
                                      access-control-allow-methods: GET, HEAD, POST, OPTIONS
                                      access-control-allow-origin: https://newassets.hcaptcha.com
                                      vary: Origin, Accept-Encoding
                                      content-encoding: gzip
                                      cf-cache-status: DYNAMIC
                                      set-cookie: __cflb=0H28vk2VKwPbLoawFiy4sSqK1JbQoGkPQSsCrbBoVQR; SameSite=None; Secure; path=/; expires=Mon, 06-Jan-25 17:56:44 GMT; HttpOnly
                                      strict-transport-security: max-age=31536000; includeSubDomains; preload
                                      x-content-type-options: nosniff
                                      server: cloudflare
                                      cf-ray: 8fdd6a2fbaa26442-LHR
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://newassets.hcaptcha.com/c/fe8bf5a16a9db504f8aba2aec3f8f5eb2c013bd8a80f6268abbae03fe760d754/hsw.js
                                      msedge.exe
                                      Remote address:
                                      104.19.230.21:443
                                      Request
                                      GET /c/fe8bf5a16a9db504f8aba2aec3f8f5eb2c013bd8a80f6268abbae03fe760d754/hsw.js HTTP/2.0
                                      host: newassets.hcaptcha.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://newassets.hcaptcha.com/captcha/v1/b4956db/static/hcaptcha.html
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Mon, 06 Jan 2025 17:26:44 GMT
                                      content-type: application/javascript
                                      content-encoding: gzip
                                      cache-control: max-age=3024000
                                      etag: W/"b231d6ca7477c9dc56545e2dfec383bc"
                                      vary: accept-encoding
                                      vary: Origin
                                      alt-svc: h3=":443"; ma=86400
                                      cf-cache-status: HIT
                                      strict-transport-security: max-age=31536000; includeSubDomains; preload
                                      x-content-type-options: nosniff
                                      server: cloudflare
                                      cf-ray: 8fdd6a304b516442-LHR
                                    • flag-fr
                                      GET
                                      https://findicons.com/files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png
                                      msedge.exe
                                      Remote address:
                                      13.249.9.96:443
                                      Request
                                      GET /files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png HTTP/2.0
                                      host: findicons.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 301
                                      content-length: 0
                                      location: https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
                                      server: CloudFront
                                      date: Fri, 03 Jan 2025 02:41:54 GMT
                                      x-cache: Hit from cloudfront
                                      via: 1.1 3d31b9207a0bab7982999e9846baee80.cloudfront.net (CloudFront)
                                      x-amz-cf-pop: CDG53-C1
                                      x-amz-cf-id: S3umlH-BC2gvVPOur42CYQzOk3vHuJrcvruVo8g9Re4eSzRJ4YnMuw==
                                      age: 312290
                                    • flag-us
                                      DNS
                                      crt.rootg2.amazontrust.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      crt.rootg2.amazontrust.com
                                      IN A
                                      Response
                                      crt.rootg2.amazontrust.com
                                      IN A
                                      3.164.163.127
                                      crt.rootg2.amazontrust.com
                                      IN A
                                      3.164.163.59
                                      crt.rootg2.amazontrust.com
                                      IN A
                                      3.164.163.90
                                      crt.rootg2.amazontrust.com
                                      IN A
                                      3.164.163.87
                                    • flag-us
                                      DNS
                                      newassets.hcaptcha.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      newassets.hcaptcha.com
                                      IN A
                                      Response
                                      newassets.hcaptcha.com
                                      IN A
                                      104.19.229.21
                                      newassets.hcaptcha.com
                                      IN A
                                      104.19.230.21
                                    • flag-fr
                                      GET
                                      http://crt.rootg2.amazontrust.com/rootg2.cer
                                      msedge.exe
                                      Remote address:
                                      3.164.163.127:80
                                      Request
                                      GET /rootg2.cer HTTP/1.1
                                      Connection: Keep-Alive
                                      Accept: */*
                                      User-Agent: Microsoft-CryptoAPI/10.0
                                      Host: crt.rootg2.amazontrust.com
                                      Response
                                      HTTP/1.1 200 OK
                                      Content-Type: binary/octet-stream
                                      Content-Length: 1145
                                      Connection: keep-alive
                                      Last-Modified: Thu, 02 Jan 2025 12:12:02 GMT
                                      x-amz-server-side-encryption: AES256
                                      x-amz-version-id: 8BDeZh_YQ77uc8Ttu_yUu.f3QcyIWl9E
                                      Accept-Ranges: bytes
                                      Server: AmazonS3
                                      Date: Mon, 06 Jan 2025 14:16:37 GMT
                                      ETag: "c6150925cfea5941ddc7ff2a0a506692"
                                      X-Cache: Hit from cloudfront
                                      Via: 1.1 b7c17dda962249acad4693c264f9df0e.cloudfront.net (CloudFront)
                                      X-Amz-Cf-Pop: CDG55-P3
                                      X-Amz-Cf-Id: BeWSzAnATJ3aibaFccl91pXPc0zaCjpeTRpbxI0JA1shqYT08RvOkA==
                                      Age: 11408
                                    • flag-us
                                      DNS
                                      41.95.18.104.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      41.95.18.104.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      10.47.66.172.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      10.47.66.172.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      96.9.249.13.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      96.9.249.13.in-addr.arpa
                                      IN PTR
                                      Response
                                      96.9.249.13.in-addr.arpa
                                      IN PTR
                                      server-13-249-9-96.cdg53.r.cloudfront.net
                                    • flag-us
                                      DNS
                                      21.230.19.104.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      21.230.19.104.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      api2.hcaptcha.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      api2.hcaptcha.com
                                      IN A
                                      Response
                                      api2.hcaptcha.com
                                      IN A
                                      104.19.230.21
                                      api2.hcaptcha.com
                                      IN A
                                      104.19.229.21
                                    • flag-us
                                      DNS
                                      images.freeimages.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      images.freeimages.com
                                      IN A
                                      Response
                                      images.freeimages.com
                                      IN A
                                      18.245.199.28
                                      images.freeimages.com
                                      IN A
                                      18.245.199.127
                                      images.freeimages.com
                                      IN A
                                      18.245.199.42
                                      images.freeimages.com
                                      IN A
                                      18.245.199.14
                                    • flag-fr
                                      GET
                                      https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
                                      msedge.exe
                                      Remote address:
                                      18.245.199.28:443
                                      Request
                                      GET /fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons HTTP/2.0
                                      host: images.freeimages.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      content-type: image/png
                                      content-length: 254
                                      date: Mon, 08 Jul 2024 20:25:55 GMT
                                      last-modified: Tue, 20 Dec 2022 05:17:19 GMT
                                      etag: "57ab754695eb0a2c74201ecd6948c12f"
                                      x-amz-server-side-encryption: AES256
                                      cache-control: max-age=31536000
                                      accept-ranges: bytes
                                      server: AmazonS3
                                      x-cache: Hit from cloudfront
                                      via: 1.1 80aba93d53aa5c566027db2247a3a1ee.cloudfront.net (CloudFront)
                                      x-amz-cf-pop: CDG55-P2
                                      x-amz-cf-id: w4YnydmZwX0kLFU5sqE6YZcBtZUnu2W1heikQxm_FYudj07PMpif3g==
                                      age: 15714049
                                      x-xss-protection: 1; mode=block
                                      x-frame-options: DENY
                                      referrer-policy: origin
                                      x-content-type-options: nosniff
                                      strict-transport-security: max-age=31536000; includeSubDomains; preload
                                    • flag-us
                                      DNS
                                      127.163.164.3.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      127.163.164.3.in-addr.arpa
                                      IN PTR
                                      Response
                                      127.163.164.3.in-addr.arpa
                                      IN PTR
                                      server-3-164-163-127.cdg55.r.cloudfront.net
                                    • flag-us
                                      DNS
                                      28.199.245.18.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      28.199.245.18.in-addr.arpa
                                      IN PTR
                                      Response
                                      28.199.245.18.in-addr.arpa
                                      IN PTR
                                      server-18-245-199-28.cdg55.r.cloudfront.net
                                    • flag-us
                                      DNS
                                      50.201.222.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      50.201.222.52.in-addr.arpa
                                      IN PTR
                                      Response
                                      50.201.222.52.in-addr.arpa
                                      IN PTR
                                      server-52-222-201-50.cdg50.r.cloudfront.net
                                    • flag-us
                                      DNS
                                      swy8r6.farmboyusa.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      swy8r6.farmboyusa.com
                                      IN A
                                      Response
                                      swy8r6.farmboyusa.com
                                      IN A
                                      172.67.171.93
                                      swy8r6.farmboyusa.com
                                      IN A
                                      104.21.29.51
                                    • flag-us
                                      DNS
                                      swy8r6.farmboyusa.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      swy8r6.farmboyusa.com
                                      IN A
                                    • flag-us
                                      DNS
                                      ajax.googleapis.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      ajax.googleapis.com
                                      IN A
                                      Response
                                      ajax.googleapis.com
                                      IN A
                                      172.217.16.234
                                    • flag-gb
                                      GET
                                      https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
                                      msedge.exe
                                      Remote address:
                                      172.217.16.234:443
                                      Request
                                      GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/2.0
                                      host: ajax.googleapis.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      work.foundationacademy.su
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      work.foundationacademy.su
                                      IN A
                                      Response
                                      work.foundationacademy.su
                                      IN A
                                      104.21.57.169
                                      work.foundationacademy.su
                                      IN A
                                      172.67.147.218
                                    • flag-us
                                      GET
                                      https://work.foundationacademy.su/6bc3218f-0083-4afe-aaa4-510712e1c21b/p5Qw9X8rN3.php
                                      msedge.exe
                                      Remote address:
                                      104.21.57.169:443
                                      Request
                                      GET /6bc3218f-0083-4afe-aaa4-510712e1c21b/p5Qw9X8rN3.php HTTP/2.0
                                      host: work.foundationacademy.su
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      accept: */*
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      origin: https://login-microsoftonline.bossdesk.org
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://login-microsoftonline.bossdesk.org/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 404
                                      date: Mon, 06 Jan 2025 17:26:53 GMT
                                      content-type: text/html; charset=UTF-8
                                      set-cookie: PHPSESSID=gke2oqvcdue45ga3q24cccohg8; path=/
                                      expires: Thu, 19 Nov 1981 08:52:00 GMT
                                      cache-control: no-store, no-cache, must-revalidate
                                      pragma: no-cache
                                      access-control-allow-origin: *
                                      access-control-allow-methods: GET, POST, OPTIONS
                                      access-control-allow-headers: Content-Type
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 8fdd6a661f366334-LHR
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                      server-timing: cfL4;desc="?proto=TCP&rtt=50648&min_rtt=48088&rtt_var=15341&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2822&recv_bytes=1149&delivery_rate=56438&cwnd=249&unsent_bytes=0&cid=8d239ae01d4b0133&ts=873&x=0"
                                    • flag-us
                                      DNS
                                      234.16.217.172.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      234.16.217.172.in-addr.arpa
                                      IN PTR
                                      Response
                                      234.16.217.172.in-addr.arpa
                                      IN PTR
                                      lhr48s28-in-f10.1e100.net
                                      234.16.217.172.in-addr.arpa
                                      IN PTR
                                      mad08s04-in-f10
                                    • flag-us
                                      DNS
                                      a.nel.cloudflare.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      a.nel.cloudflare.com
                                      IN A
                                      Response
                                      a.nel.cloudflare.com
                                      IN A
                                      35.190.80.1
                                    • flag-us
                                      DNS
                                      a.nel.cloudflare.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      a.nel.cloudflare.com
                                      IN A
                                    • flag-us
                                      DNS
                                      a.nel.cloudflare.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      a.nel.cloudflare.com
                                      IN A
                                    • flag-us
                                      DNS
                                      169.57.21.104.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      169.57.21.104.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      OPTIONS
                                      https://a.nel.cloudflare.com/report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH
                                      msedge.exe
                                      Remote address:
                                      35.190.80.1:443
                                      Request
                                      OPTIONS /report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH HTTP/2.0
                                      host: a.nel.cloudflare.com
                                      origin: https://work.foundationacademy.su
                                      access-control-request-method: POST
                                      access-control-request-headers: content-type
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      POST
                                      https://a.nel.cloudflare.com/report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH
                                      msedge.exe
                                      Remote address:
                                      35.190.80.1:443
                                      Request
                                      POST /report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH HTTP/2.0
                                      host: a.nel.cloudflare.com
                                      content-length: 504
                                      content-type: application/reports+json
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      1.80.190.35.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      1.80.190.35.in-addr.arpa
                                      IN PTR
                                      Response
                                      1.80.190.35.in-addr.arpa
                                      IN PTR
                                      1.80.190.35.bc.googleusercontent.com
                                    • flag-us
                                      DNS
                                      1.80.190.35.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      1.80.190.35.in-addr.arpa
                                      IN PTR
                                    • flag-us
                                      DNS
                                      104.219.191.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      104.219.191.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      212.20.149.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      212.20.149.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      18.31.95.13.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      18.31.95.13.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      166.190.18.2.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      166.190.18.2.in-addr.arpa
                                      IN PTR
                                      Response
                                      166.190.18.2.in-addr.arpa
                                      IN PTR
                                      a2-18-190-166.deploy.static.akamaitechnologies.com
                                    • flag-us
                                      DNS
                                      172.214.232.199.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      172.214.232.199.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      11.227.111.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      11.227.111.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      137.71.105.51.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      137.71.105.51.in-addr.arpa
                                      IN PTR
                                      Response
                                    • 172.67.171.93:80
                                      http://bsif64.farmboyusa.com/bforslund@montrose-env.com
                                      http
                                      msedge.exe
                                      1.1kB
                                      1.7kB
                                      14
                                      13

                                      HTTP Request

                                      GET http://bsif64.farmboyusa.com/bforslund@montrose-env.com

                                      HTTP Response

                                      301
                                    • 172.67.171.93:80
                                      bsif64.farmboyusa.com
                                      msedge.exe
                                      190 B
                                      132 B
                                      4
                                      3
                                    • 172.67.171.93:443
                                      https://swy8r6.farmboyusa.com/A/bforslund@montrose-env.com
                                      tls, http2
                                      msedge.exe
                                      2.4kB
                                      9.7kB
                                      24
                                      28

                                      HTTP Request

                                      GET https://bsif64.farmboyusa.com/bforslund@montrose-env.com

                                      HTTP Response

                                      302

                                      HTTP Request

                                      GET https://swy8r6.farmboyusa.com/A/bforslund@montrose-env.com

                                      HTTP Response

                                      302
                                    • 172.66.47.10:443
                                      https://login-microsoftonline.bossdesk.org/favicon.ico
                                      tls, http2
                                      msedge.exe
                                      3.2kB
                                      8.1kB
                                      29
                                      36

                                      HTTP Request

                                      GET https://login-microsoftonline.bossdesk.org/pjdsuJPvysi3649X03NiVt6BiCA7E1zbecFqJ5SFycLOn35LnVZpS4M6feAghFWcpd3DOKIafqJjM7tzHdqIo4To51lxa6XtaWCUhFWY3k1izNycaTN7pULmOUVF5SsJmb

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://login-microsoftonline.bossdesk.org/favicon.ico

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://login-microsoftonline.bossdesk.org/ZipXFcJzO2hlYLKZxcoqgknkAxhhYVzUhyvzp5lWH4fHTK1DRYUdXCqVnWIcDZUOalUNmzA9tgnmi1F1NZg2Lojfsg1cpOyoyILX5rssaAZ1M6xSRGlEWzmJMXUdPyVYIu

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://login-microsoftonline.bossdesk.org/favicon.ico

                                      HTTP Response

                                      200
                                    • 172.66.47.10:443
                                      https://www.siefjuarez.com/index.js
                                      tls, http2
                                      msedge.exe
                                      3.2kB
                                      32.1kB
                                      43
                                      53

                                      HTTP Request

                                      GET https://www.siefjuarez.com/captcha.js

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://www.siefjuarez.com/index.js

                                      HTTP Response

                                      200
                                    • 104.18.95.41:443
                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD
                                      tls, http2
                                      msedge.exe
                                      78.5kB
                                      217.3kB
                                      191
                                      229

                                      HTTP Request

                                      GET https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

                                      HTTP Response

                                      302

                                      HTTP Request

                                      GET https://challenges.cloudflare.com/turnstile/v0/g/849bfe45bf45/api.js

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/e1cua/0x4AAAAAAA2FHkcYSBQqAh4m/auto/fbE/normal/auto/

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

                                      HTTP Request

                                      GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fdd6a2ffbbbef46&lang=auto

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Request

                                      POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8fdd6a2ffbbbef46/1736184404899/3Hkje4f1dIXXJ-B

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8fdd6a2ffbbbef46/1736184404900/1edb60493e3595cc042976429fb35ff7677fa6db5097e38289d191f6af14d224/cuXWAmBLjaHQ4f9

                                      HTTP Response

                                      401

                                      HTTP Request

                                      POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD

                                      HTTP Response

                                      200

                                      HTTP Request

                                      POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2028460678:1736180298:xklaS1tEciMCtYc_DCkr0RBH8StEcCXn0PrAnm8WhUI/8fdd6a2ffbbbef46/l02HiWhp8hszLg08SP6MG_VZ2AdNVne8ixn.Fxj84Gg-1736184404-1.1.1.1-nHkosFtuXCaQTC00bbvaZHGWAdG1GV6YpHPc5WQ9Z4SI_VV.Arg_0LRDtl0e98wD

                                      HTTP Response

                                      200
                                    • 104.19.230.21:443
                                      https://newassets.hcaptcha.com/c/fe8bf5a16a9db504f8aba2aec3f8f5eb2c013bd8a80f6268abbae03fe760d754/hsw.js
                                      tls, http2
                                      msedge.exe
                                      11.9kB
                                      495.0kB
                                      223
                                      385

                                      HTTP Request

                                      GET https://js.hcaptcha.com/1/api.js

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://newassets.hcaptcha.com/captcha/v1/b4956db/static/hcaptcha.html

                                      HTTP Response

                                      200

                                      HTTP Request

                                      POST https://api2.hcaptcha.com/checksiteconfig?v=b4956db&host=login-microsoftonline.bossdesk.org&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=0

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://newassets.hcaptcha.com/c/fe8bf5a16a9db504f8aba2aec3f8f5eb2c013bd8a80f6268abbae03fe760d754/hsw.js

                                      HTTP Response

                                      200
                                    • 13.249.9.96:443
                                      https://findicons.com/files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png
                                      tls, http2
                                      msedge.exe
                                      2.0kB
                                      6.3kB
                                      18
                                      19

                                      HTTP Request

                                      GET https://findicons.com/files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png

                                      HTTP Response

                                      301
                                    • 3.164.163.127:80
                                      http://crt.rootg2.amazontrust.com/rootg2.cer
                                      http
                                      msedge.exe
                                      413 B
                                      1.9kB
                                      6
                                      5

                                      HTTP Request

                                      GET http://crt.rootg2.amazontrust.com/rootg2.cer

                                      HTTP Response

                                      200
                                    • 18.245.199.28:443
                                      https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
                                      tls, http2
                                      msedge.exe
                                      2.0kB
                                      6.8kB
                                      18
                                      20

                                      HTTP Request

                                      GET https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons

                                      HTTP Response

                                      200
                                    • 172.217.16.234:443
                                      https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
                                      tls, http2
                                      msedge.exe
                                      3.2kB
                                      40.3kB
                                      44
                                      42

                                      HTTP Request

                                      GET https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
                                    • 104.21.57.169:443
                                      work.foundationacademy.su
                                      tls, http2
                                      msedge.exe
                                      1.4kB
                                      2.0kB
                                      17
                                      16
                                    • 104.21.57.169:443
                                      https://work.foundationacademy.su/6bc3218f-0083-4afe-aaa4-510712e1c21b/p5Qw9X8rN3.php
                                      tls, http2
                                      msedge.exe
                                      2.1kB
                                      4.9kB
                                      21
                                      22

                                      HTTP Request

                                      GET https://work.foundationacademy.su/6bc3218f-0083-4afe-aaa4-510712e1c21b/p5Qw9X8rN3.php

                                      HTTP Response

                                      404
                                    • 35.190.80.1:443
                                      https://a.nel.cloudflare.com/report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH
                                      tls, http2
                                      msedge.exe
                                      4.0kB
                                      5.6kB
                                      33
                                      33

                                      HTTP Request

                                      OPTIONS https://a.nel.cloudflare.com/report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH

                                      HTTP Request

                                      POST https://a.nel.cloudflare.com/report/v4?s=qGecYl5Ia4JfM6y773TMKWFpSRW16kSNV%2F6jxoSraWxLxy0yIH9yAJWBDKoKRJWP9ccJyJDaD4oeJAfTFsZqMM5vZOfzaoGAF8D9muo1%2BlVg%2FP303QWkAOrt%2BN6b30dcOnu07Ui7YWuAp9dH
                                    • 8.8.8.8:53
                                      8.8.8.8.in-addr.arpa
                                      dns
                                      66 B
                                      90 B
                                      1
                                      1

                                      DNS Request

                                      8.8.8.8.in-addr.arpa

                                    • 8.8.8.8:53
                                      bsif64.farmboyusa.com
                                      dns
                                      msedge.exe
                                      67 B
                                      99 B
                                      1
                                      1

                                      DNS Request

                                      bsif64.farmboyusa.com

                                      DNS Response

                                      172.67.171.93
                                      104.21.29.51

                                    • 8.8.8.8:53
                                      login-microsoftonline.bossdesk.org
                                      dns
                                      msedge.exe
                                      80 B
                                      144 B
                                      1
                                      1

                                      DNS Request

                                      login-microsoftonline.bossdesk.org

                                      DNS Response

                                      172.66.47.10
                                      172.66.44.246

                                    • 8.8.8.8:53
                                      228.249.119.40.in-addr.arpa
                                      dns
                                      73 B
                                      159 B
                                      1
                                      1

                                      DNS Request

                                      228.249.119.40.in-addr.arpa

                                    • 8.8.8.8:53
                                      93.171.67.172.in-addr.arpa
                                      dns
                                      72 B
                                      134 B
                                      1
                                      1

                                      DNS Request

                                      93.171.67.172.in-addr.arpa

                                    • 8.8.8.8:53
                                      73.159.190.20.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      73.159.190.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      172.210.232.199.in-addr.arpa
                                      dns
                                      74 B
                                      128 B
                                      1
                                      1

                                      DNS Request

                                      172.210.232.199.in-addr.arpa

                                    • 8.8.8.8:53
                                      95.221.229.192.in-addr.arpa
                                      dns
                                      73 B
                                      144 B
                                      1
                                      1

                                      DNS Request

                                      95.221.229.192.in-addr.arpa

                                    • 8.8.8.8:53
                                      www.siefjuarez.com
                                      dns
                                      msedge.exe
                                      64 B
                                      128 B
                                      1
                                      1

                                      DNS Request

                                      www.siefjuarez.com

                                      DNS Response

                                      172.66.47.10
                                      172.66.44.246

                                    • 8.8.8.8:53
                                      challenges.cloudflare.com
                                      dns
                                      msedge.exe
                                      71 B
                                      103 B
                                      1
                                      1

                                      DNS Request

                                      challenges.cloudflare.com

                                      DNS Response

                                      104.18.95.41
                                      104.18.94.41

                                    • 8.8.8.8:53
                                      js.hcaptcha.com
                                      dns
                                      msedge.exe
                                      61 B
                                      93 B
                                      1
                                      1

                                      DNS Request

                                      js.hcaptcha.com

                                      DNS Response

                                      104.19.230.21
                                      104.19.229.21

                                    • 8.8.8.8:53
                                      findicons.com
                                      dns
                                      msedge.exe
                                      59 B
                                      123 B
                                      1
                                      1

                                      DNS Request

                                      findicons.com

                                      DNS Response

                                      13.249.9.96
                                      13.249.9.31
                                      13.249.9.79
                                      13.249.9.113

                                    • 8.8.8.8:53
                                      crt.rootg2.amazontrust.com
                                      dns
                                      msedge.exe
                                      72 B
                                      136 B
                                      1
                                      1

                                      DNS Request

                                      crt.rootg2.amazontrust.com

                                      DNS Response

                                      3.164.163.127
                                      3.164.163.59
                                      3.164.163.90
                                      3.164.163.87

                                    • 8.8.8.8:53
                                      newassets.hcaptcha.com
                                      dns
                                      msedge.exe
                                      68 B
                                      100 B
                                      1
                                      1

                                      DNS Request

                                      newassets.hcaptcha.com

                                      DNS Response

                                      104.19.229.21
                                      104.19.230.21

                                    • 8.8.8.8:53
                                      41.95.18.104.in-addr.arpa
                                      dns
                                      71 B
                                      133 B
                                      1
                                      1

                                      DNS Request

                                      41.95.18.104.in-addr.arpa

                                    • 8.8.8.8:53
                                      10.47.66.172.in-addr.arpa
                                      dns
                                      71 B
                                      133 B
                                      1
                                      1

                                      DNS Request

                                      10.47.66.172.in-addr.arpa

                                    • 8.8.8.8:53
                                      96.9.249.13.in-addr.arpa
                                      dns
                                      70 B
                                      125 B
                                      1
                                      1

                                      DNS Request

                                      96.9.249.13.in-addr.arpa

                                    • 8.8.8.8:53
                                      21.230.19.104.in-addr.arpa
                                      dns
                                      72 B
                                      134 B
                                      1
                                      1

                                      DNS Request

                                      21.230.19.104.in-addr.arpa

                                    • 8.8.8.8:53
                                      api2.hcaptcha.com
                                      dns
                                      msedge.exe
                                      63 B
                                      95 B
                                      1
                                      1

                                      DNS Request

                                      api2.hcaptcha.com

                                      DNS Response

                                      104.19.230.21
                                      104.19.229.21

                                    • 8.8.8.8:53
                                      images.freeimages.com
                                      dns
                                      msedge.exe
                                      67 B
                                      131 B
                                      1
                                      1

                                      DNS Request

                                      images.freeimages.com

                                      DNS Response

                                      18.245.199.28
                                      18.245.199.127
                                      18.245.199.42
                                      18.245.199.14

                                    • 8.8.8.8:53
                                      127.163.164.3.in-addr.arpa
                                      dns
                                      72 B
                                      129 B
                                      1
                                      1

                                      DNS Request

                                      127.163.164.3.in-addr.arpa

                                    • 8.8.8.8:53
                                      28.199.245.18.in-addr.arpa
                                      dns
                                      72 B
                                      129 B
                                      1
                                      1

                                      DNS Request

                                      28.199.245.18.in-addr.arpa

                                    • 8.8.8.8:53
                                      50.201.222.52.in-addr.arpa
                                      dns
                                      72 B
                                      129 B
                                      1
                                      1

                                      DNS Request

                                      50.201.222.52.in-addr.arpa

                                    • 224.0.0.251:5353
                                      524 B
                                      8
                                    • 8.8.8.8:53
                                      swy8r6.farmboyusa.com
                                      dns
                                      msedge.exe
                                      134 B
                                      99 B
                                      2
                                      1

                                      DNS Request

                                      swy8r6.farmboyusa.com

                                      DNS Request

                                      swy8r6.farmboyusa.com

                                      DNS Response

                                      172.67.171.93
                                      104.21.29.51

                                    • 8.8.8.8:53
                                      ajax.googleapis.com
                                      dns
                                      msedge.exe
                                      65 B
                                      81 B
                                      1
                                      1

                                      DNS Request

                                      ajax.googleapis.com

                                      DNS Response

                                      172.217.16.234

                                    • 8.8.8.8:53
                                      work.foundationacademy.su
                                      dns
                                      msedge.exe
                                      71 B
                                      103 B
                                      1
                                      1

                                      DNS Request

                                      work.foundationacademy.su

                                      DNS Response

                                      104.21.57.169
                                      172.67.147.218

                                    • 8.8.8.8:53
                                      234.16.217.172.in-addr.arpa
                                      dns
                                      73 B
                                      142 B
                                      1
                                      1

                                      DNS Request

                                      234.16.217.172.in-addr.arpa

                                    • 8.8.8.8:53
                                      a.nel.cloudflare.com
                                      dns
                                      msedge.exe
                                      198 B
                                      82 B
                                      3
                                      1

                                      DNS Request

                                      a.nel.cloudflare.com

                                      DNS Request

                                      a.nel.cloudflare.com

                                      DNS Request

                                      a.nel.cloudflare.com

                                      DNS Response

                                      35.190.80.1

                                    • 8.8.8.8:53
                                      169.57.21.104.in-addr.arpa
                                      dns
                                      72 B
                                      134 B
                                      1
                                      1

                                      DNS Request

                                      169.57.21.104.in-addr.arpa

                                    • 8.8.8.8:53
                                      1.80.190.35.in-addr.arpa
                                      dns
                                      140 B
                                      120 B
                                      2
                                      1

                                      DNS Request

                                      1.80.190.35.in-addr.arpa

                                      DNS Request

                                      1.80.190.35.in-addr.arpa

                                    • 35.190.80.1:443
                                      a.nel.cloudflare.com
                                      https
                                      msedge.exe
                                      1.7kB
                                      3.8kB
                                      4
                                      6
                                    • 8.8.8.8:53
                                      104.219.191.52.in-addr.arpa
                                      dns
                                      73 B
                                      147 B
                                      1
                                      1

                                      DNS Request

                                      104.219.191.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      212.20.149.52.in-addr.arpa
                                      dns
                                      72 B
                                      146 B
                                      1
                                      1

                                      DNS Request

                                      212.20.149.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      18.31.95.13.in-addr.arpa
                                      dns
                                      70 B
                                      144 B
                                      1
                                      1

                                      DNS Request

                                      18.31.95.13.in-addr.arpa

                                    • 8.8.8.8:53
                                      166.190.18.2.in-addr.arpa
                                      dns
                                      71 B
                                      135 B
                                      1
                                      1

                                      DNS Request

                                      166.190.18.2.in-addr.arpa

                                    • 8.8.8.8:53
                                      172.214.232.199.in-addr.arpa
                                      dns
                                      74 B
                                      128 B
                                      1
                                      1

                                      DNS Request

                                      172.214.232.199.in-addr.arpa

                                    • 8.8.8.8:53
                                      11.227.111.52.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      11.227.111.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      137.71.105.51.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      137.71.105.51.in-addr.arpa

                                    MITRE ATT&CK Enterprise v15

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                      Filesize

                                      152B

                                      MD5

                                      6960857d16aadfa79d36df8ebbf0e423

                                      SHA1

                                      e1db43bd478274366621a8c6497e270d46c6ed4f

                                      SHA256

                                      f40b812ce44e391423eb66602ac0af138a1e948aa8c4116045fef671ef21cd32

                                      SHA512

                                      6deb2a63055a643759dd0ae125fb2f68ec04a443dbf8b066a812b42352bbcfa4517382ed0910c190c986a864559c3453c772e153ee2e9432fb2de2e1e49ca7fe

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                      Filesize

                                      152B

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                      Filesize

                                      216B

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                      Filesize

                                      1KB

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      6KB

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      5KB

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      6KB

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                      Filesize

                                      16B

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                      Filesize

                                      10KB
