Windows Analysis Report
https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html

Overview

General Information

Sample URL:	https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html
Analysis ID:	1391070
Infos:

Detection

HTMLPhisher

Score:	76
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Phishing site detected (based on favicon image match)

Yara detected HtmlPhish10

Phishing site detected (based on OCR NLP Model)

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

Creates files inside the system directory

Found iframes

HTML body contains low number of good links

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

Stores files to the Windows start menu directory

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Phishing site detected (based on favicon image match)

Source: https://q1uad.com	Matcher: Template: cloudflare matched with high similarity
Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	Matcher: Template: cloudflare matched with high similarity

Yara detected HtmlPhish10

Source: Yara match

File source: 3.12.pages.csv, type: HTML

Phishing site detected (based on OCR NLP Model)

Source: Chrome DOM

ML Model on OCR Text: Matched 97.8% probability on "New Documents Received You have received 1 PDF Document 2-12-24 VIEW DOCUMENT 00 "

Phishing site detected (based on image similarity)

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	Matcher: Template: microsoft matched
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	Matcher: Template: microsoft matched
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	Matcher: Template: microsoft matched

Found iframes

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: Iframe src: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal

HTML body contains low number of good links

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: Number of links: 0

HTML page contains hidden URLs or javascript code

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal

HTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal

HTML title does not match URL

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: Title: Sign in to your Microsoft account does not match URL

Invalid T&C link found

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	HTTP Parser: Invalid link: Terms of use
Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	HTTP Parser: Invalid link: Privacy & cookies

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: <input type="password" .../> found

Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963	HTTP Parser: No favicon
Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963	HTTP Parser: No favicon
Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: No <meta name="author".. found

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49824 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	HTTP traffic detected: GET /FADA7B77C6F/new-flipbook/full-view.html HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.132Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/bootstrap4.css HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/site-base.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/genericv2.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/public-profile.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/visbycf-heavy.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-300.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-300italic.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-regular.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-italic.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-500.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-700.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/images/down-arrow.gz.svg HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v2/showCookiePolicy?page=public-profile HTTP/1.1Host: api.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.flipsnack.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963 HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/images/down-arrow.gz.svg HTTP/1.1Host: cdn.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /reader.gz.js HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /handleUnsupportedBrowsers.gz.js HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /v2/showCookiePolicy?page=public-profile HTTP/1.1Host: api.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /authorization?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ== HTTP/1.1Host: content-private.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /FADA7B77C6F/collections/c5erlfm1ci/data.json?Signature=Ldi29kOlixSZfit1%7Ey7FSSNzVIV0xTL365E-rfAXr6fc3bvPZ6zSu1GsUorWNpTPcA0c%7EVonds2WcVZrcEB5wI6aB1ibH%7EEMRCRVDjjaLWGYTDco-wJiIOwtV7GvWi6olv9Fc%7EGNkSi5GCjvdI8zcmCCV9yh-MYv%7ERWinHj4%7EdOdbzFG9Z24FoGUpFBt6P7hxP8RYd%7EzYpoIWGCvLpzcKClC5-LyH9KCKGTYKFUDQd6-u0X0fHXMXK1ozp%7ECidEf3qQGkCwlmpQ24ENfdYrTo0vcFYAxHoZ-QHJrNBfFDReh2k2JeenoavKFRXWIXtbltfxgPudhPBx9CjazuZLOAQ__&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kM3U3MnRuajcwMWV1aS5jbG91ZGZyb250Lm5ldC9GQURBN0I3N0M2Ri9jb2xsZWN0aW9ucy9jNWVybGZtMWNpLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3MDc3NjU1OTZ9fX1dfQ__&Key-Pair-Id=KKS5Y1MBXEN2R HTTP/1.1Host: d3u72tnj701eui.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /authorization?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ== HTTP/1.1Host: content-private.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /FADA7B77C6F/collections/c5erlfm1ci/data.json?Signature=Ldi29kOlixSZfit1%7Ey7FSSNzVIV0xTL365E-rfAXr6fc3bvPZ6zSu1GsUorWNpTPcA0c%7EVonds2WcVZrcEB5wI6aB1ibH%7EEMRCRVDjjaLWGYTDco-wJiIOwtV7GvWi6olv9Fc%7EGNkSi5GCjvdI8zcmCCV9yh-MYv%7ERWinHj4%7EdOdbzFG9Z24FoGUpFBt6P7hxP8RYd%7EzYpoIWGCvLpzcKClC5-LyH9KCKGTYKFUDQd6-u0X0fHXMXK1ozp%7ECidEf3qQGkCwlmpQ24ENfdYrTo0vcFYAxHoZ-QHJrNBfFDReh2k2JeenoavKFRXWIXtbltfxgPudhPBx9CjazuZLOAQ__&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kM3U3MnRuajcwMWV1aS5jbG91ZGZyb250Lm5ldC9GQURBN0I3N0M2Ri9jb2xsZWN0aW9ucy9jNWVybGZtMWNpLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3MDc3NjU1OTZ9fX1dfQ__&Key-Pair-Id=KKS5Y1MBXEN2R HTTP/1.1Host: d3u72tnj701eui.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/fonts/Roboto-Bold.ttf HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/fonts/Roboto-Regular.ttf HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /library/fonts/fbf553490-1230-4c9c-970c-dc73de115be3 HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /library/fonts/fd23e9fea-b25a-4b78-85c1-9f4effe686be HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /library/fonts/f7fb99437-bc80-4e24-afd9-0ef76944a227 HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A2%2C%22d%22%3A0%2C%22s%22%3A0%7D%2C%7B%22eid%22%3A9%2C%22pageIndex%22%3A0%7D%5D%2C%22ts%22%3A1707765478%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A2%2C%22d%22%3A0%2C%22s%22%3A0%7D%2C%7B%22eid%22%3A9%2C%22pageIndex%22%3A0%7D%5D%2C%22ts%22%3A1707765478%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5007%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%2C%22t%22%3A5007%7D%5D%2C%22ts%22%3A1707765481%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /CRA1rix15f/ HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A7%2C%22elid%22%3A5%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765482%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5007%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%2C%22t%22%3A5007%7D%5D%2C%22ts%22%3A1707765481%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A7%2C%22elid%22%3A5%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765482%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /CRA1rix15f/myscr731481.js HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/a990e557/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VPWhO5pYBrwwGp2&MD=HetDcHbA HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /web6/assets/js/pages-head-top-web.min.js?cb=1707765480000 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/js/pages-head-web.min.js?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85472d0cba267ba2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/cloudfavicon.ico HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/cloudfavicon.ico HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85472d0cba267ba2/1707765492216/vpaMIviRrH04L-R HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85472d0cba267ba2/1707765492216/vpaMIviRrH04L-R HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/85472d0cba267ba2/1707765492220/8bc209de43f7e6dc6a1f5591bb317a734b7989731d016204f0c1facc8bee6958/2HuYEMxeYf5W5fe HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/pages/nsix.css?cb=1707765487934 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/css/pages.min.css?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/css/pages-godaddy.css?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-bold.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-bold.woff HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-regular.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-regular.woff HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-vf.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-vf2.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/validatecaptcha HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkQxTlhVYzRkRXNVMDZyQjV6ZGgvSHc9PSIsInZhbHVlIjoiYXA0eVlVNUpGN000WCtYd1dLeTZydWlxRkxXeGhHa2dzU2hnaVBUUkx2ZHJHdzFjakVObHRjb0pUZktIMGtyb2VLdHBSWjlLUkNrcWRXUGV6UUx4ZEo4czNKclUrOVg1RVU3R29vYjNWT3cvMk9YSGx0NzNHRmIzU1F6MWxSZVkiLCJtYWMiOiIwYzBhZWVmNjNkMjIxYjUwMmJkZjI1Y2RiYzE1MjA4ZjcxYWI3NDllODQ5YzQ0ZmI1ZmIwZDYwMjFmMjczM2YzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjVUT1hvc3FqZERwQ0VxUGFYWFU1RUE9PSIsInZhbHVlIjoiaDhXNmJOc2JuY3ZXcWVPeTZ2d1NSN0ppM3IyMzJkTngyNFcwZHZpcWRkYUZ3V3VNY0hnSlVXVTVZZUZKY1E3bktLK2pJWVIvZURKWmhWQUd3dEo5dis4dWpWUTBnSHVLNzAwM3E5Um8rQ2ZDVzJYaThPV1I1YVRKeFk2eU1BNHoiLCJtYWMiOiIwNzc1MWI1MGMzYTljMDgyOGM2ZDUxZjViOTA0NGUzNjRiODRhYWRjMWVhZjc1MzIzODIwODVlZmM0ZWQxOTBlIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkQxTlhVYzRkRXNVMDZyQjV6ZGgvSHc9PSIsInZhbHVlIjoiYXA0eVlVNUpGN000WCtYd1dLeTZydWlxRkxXeGhHa2dzU2hnaVBUUkx2ZHJHdzFjakVObHRjb0pUZktIMGtyb2VLdHBSWjlLUkNrcWRXUGV6UUx4ZEo4czNKclUrOVg1RVU3R29vYjNWT3cvMk9YSGx0NzNHRmIzU1F6MWxSZVkiLCJtYWMiOiIwYzBhZWVmNjNkMjIxYjUwMmJkZjI1Y2RiYzE1MjA4ZjcxYWI3NDllODQ5YzQ0ZmI1ZmIwZDYwMjFmMjczM2YzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjVUT1hvc3FqZERwQ0VxUGFYWFU1RUE9PSIsInZhbHVlIjoiaDhXNmJOc2JuY3ZXcWVPeTZ2d1NSN0ppM3IyMzJkTngyNFcwZHZpcWRkYUZ3V3VNY0hnSlVXVTVZZUZKY1E3bktLK2pJWVIvZURKWmhWQUd3dEo5dis4dWpWUTBnSHVLNzAwM3E5Um8rQ2ZDVzJYaThPV1I1YVRKeFk2eU1BNHoiLCJtYWMiOiIwNzc1MWI1MGMzYTljMDgyOGM2ZDUxZjViOTA0NGUzNjRiODRhYWRjMWVhZjc1MzIzODIwODVlZmM0ZWQxOTBlIiwidGFnIjoiIn0%3DSec-WebSocket-Key: rN7PqZcNuG7OrWFFk4JdYg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web6/info HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkpRRFRCTkxnb0JoQXhDVi9sbkk0YlE9PSIsInZhbHVlIjoiclVZR1k4WEFCVTEzajZEcU91aGFmdUJZTGpQNlh6SVhLZXlsc2F2TXlRdGU2aGF4V1NpWExTWUJJendxVkdnNDY3Nnk1TjZsU0xPNmZjMnlpcTVSdXpEUStGTTBJOEwyL3dqYTc3WmR5czZKbnlwdFJpSWcydy92MkxoVGhMMG0iLCJtYWMiOiJjNzNmNDNhMjIyNDgzYjhmMmM4YzU5NDU4MzQ1MDAyNzA5ZDdkYmQ1NTYzZGMyYzg4YjM4ZWJjYmFmYzAzY2U2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ild5UkprQ1hZazgzeUVFYS9zYkpHREE9PSIsInZhbHVlIjoia1R6RzRTQ0pyZy9TZWVwaVFEa1BIQ1RWaDhlQWU2TlZyc2kvRkxjQm9QVnJjOVN6bGZKaGVFQVUyMGVmU2tKbXFGS2k2UVl2dlp4aFZGOC8wVkp2ZmpFK2VNd0d6MUlTTG1zY3djSHlNUk5xSmt1emhrQ2xSQUhpSTFHZFluVWEiLCJtYWMiOiI2YWFjNmY0NjA4YzA3MzM3ZjVlOTljY2YxOGExOTYxYmZjMDE0ZDgxYjYyNTUxY2IzODNiNWMzZjhlMmRjNDg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/officelogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/web6/assets/pages/nsix.css?cb=1707765487934Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/js/pages.min.js?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/back.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/key.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-logo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg HTTP/1.1Host: logincdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85472d70f9e044e1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-left.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg HTTP/1.1Host: logincdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/officelogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-microsoftlogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/back.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/info HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/key.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /adfs/portal/logo/logo.png HTTP/1.1Host: adfs.heart.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adfs/portal/logo/logo.png HTTP/1.1Host: adfs.heart.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-left.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-logo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-microsoftlogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3DSec-WebSocket-Key: h0syBXKugv1h/nCv0d9uzQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3DSec-WebSocket-Key: 7UcTY3qBAATKauncyJUdoQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VPWhO5pYBrwwGp2&MD=HetDcHbA HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js.map HTTP/1.1Host: cdn.socket.ioConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3DSec-WebSocket-Key: crK+Dp0NpUgOlzpXVm/Pog==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: chromecache_142.1.dr	String found in binary or memory: eval("var MOBILE_VIEW_WIDTH = 991;\nvar MOBILE_VIEW_HEIGHT = 768;\nvar carousel = $('#carousel');\nvar extraItems = $('#extra-items');\nvar navigation = $('#carousel-navigation').children();\nvar requestTrialModalContent = $('#requestTrialModalContent');\nvar linkToRequestTrialModal = $('#linkToRequestTrialModal');\nvar youtubeVideoModal = $('#youtubeVideoModal');\nvar youtubeVideoModalContent = $('#youtubeVideoModalContent');\nvar cookieModal = $('#cookieNotification');\nvar isMobile = window.innerWidth <= MOBILE_VIEW_WIDTH \|\| window.innerHeight <= MOBILE_VIEW_HEIGHT;\nvar selectedTab = 'upload';\nvar selectNextItem = function selectNextItem() {\n var children = carousel.children();\n var lastChild = $(children[children.length - 1]);\n lastChild.css({\n opacity: 0,\n transform: 'translateY(-60px) scale(.9)'\n });\n lastChild.insertBefore(children[0]);\n setTimeout(function () {\n lastChild.removeAttr('style');\n }, 1);\n};\nvar setImgSrc = function setImgSrc() {\n carousel.children().each(function (index, el) {\n var img = $(el).find('img');\n if (img.attr('data-src')) {\n img.attr('src', img.attr('data-src'));\n img.removeAttr('data-src');\n }\n });\n};\nsetImgSrc();\nvar animationInterval = setInterval(function () {\n selectNextItem();\n}, 3000);\nvar onClickNavigoation = function onClickNavigoation(id) {\n var children = carousel.children();\n var newItems = extraItems.find(\".\".concat(id)).clone().children();\n if (id !== selectedTab) {\n clearInterval(animationInterval);\n\n // daca nu exista in extra-items setul respectiv il adaugam\n if (!extraItems.find(\".\".concat(selectedTab)).length) {\n extraItems.append($(\"<div class=\\\"\".concat(selectedTab, \"\\\"></div>\")).append(children.clone()));\n }\n carousel.css({\n opacity: 0\n });\n $(\"#\".concat(selectedTab)).removeClass('selected');\n $(\"#\".concat(id)).addClass('selected');\n selectedTab = id;\n setTimeout(function () {\n carousel.empty();\n carousel.append(newItems);\n setImgSrc();\n carousel.removeAttr('style');\n animationInterval = setInterval(function () {\n selectNextItem();\n }, 3000);\n }, 400);\n }\n};\nnavigation.each(function (index, nav) {\n nav.addEventListener('click', function () {\n onClickNavigoation(nav.id);\n });\n});\nlinkToRequestTrialModal[0] && linkToRequestTrialModal[0].addEventListener('click', function () {\n var scriptLinkElement = document.createElement('script');\n var scriptHubspotForm = document.createElement('script');\n requestTrialModalContent.empty();\n requestTrialModalContent.prepend(scriptLinkElement);\n requestTrialModalContent.prepend(scriptHubspotForm);\n scriptLinkElement.onload = function () {\n scriptHubspotForm.innerHTML = \"\\n hbspt.forms.create({\\n portalId: \\\"5585560\\\",\\n formId: \\\"fcf68ac9-edc5-48c3-9fe9-5dd727502ca8\\\",\\n });\\n
Source: chromecache_138.1.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=jz("fsl",g?"nv.mwt":"mwt",0),p;p=g?jz("fsl","nv.ids",[]):jz("fsl","ids",[]);if(!p.length)return!0;var q=fz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;M(121);if("https://www.facebook.com/tr/"===r)return M(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!Oz(q, equals www.facebook.com (Facebook)
Source: chromecache_138.1.dr	String found in binary or memory: return b}bD.D="internal.enableAutoEventOnTimer";var xc=ca(["data-gtm-yt-inspected-"]),cD=["www.youtube.com","www.youtube-nocookie.com"],dD,eD=!1; equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: www.flipsnack.com

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=511=LtGInZ4I4WDrCvCHQBVMHOy4a-sqzpSrMO-Rwr8ezStTz_kfoi2bri7uGdXfNvskAEO_Tj5Jkwl0XSN-qA6MYiGShcDB_vNQOl1bpl3aua7gMrDRvWsHLpAuFBlBnNxTMeen95XElzx3r4myG8p8sgSHdx4NBawYGaI5oFn_dZ8

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:18:26 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuunauZb6uRL3cLqsD46HxZ3d1IfOabWMWxINP%2BdiDYchRno1JyRfNYt%2BUCWLn0WSgHw5oLjF3MJGsWpPUzd9H3pmD9WuX7cZga8kBk4viqqOWJq1UHcZiLrLQ0C"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 85472d678fc1137d-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:18:27 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujxlTLUCzKNVNZF6cDf3gqZ9ubQ56v8F0UixvBy67aQqqO3gtsiTz4MUFoUZXPTggOhC1%2FVqK6%2B39bHNjv3HhS28KuJVNVtyNNq7h6Og8Mm20Cv664ZZc1TSkKTr"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 85472d70bdb153c4-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:18:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVMFxup2BXe5AAkxA4bjs%2BvM0yrZU3LhFPv7836YlAY2mN%2BLVTp%2BVDI%2B%2BORFONgCk7bnRRm5zRABJagIXCxsVRyRTyZsFw9DEJFzHHGap7%2FfW98YMo9lbSFZl0kF"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 85472d798f6ab0dc-ATL

Source: chromecache_159.1.dr	String found in binary or memory: http://cyreal.orgThis
Source: chromecache_127.1.dr, chromecache_105.1.dr, chromecache_134.1.dr, chromecache_92.1.dr, chromecache_131.1.dr, chromecache_136.1.dr, chromecache_129.1.dr, chromecache_169.1.dr, chromecache_168.1.dr, chromecache_96.1.dr	String found in binary or memory: http://queue.amazonaws.com/doc/2012-11-05/
Source: chromecache_159.1.dr	String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLWeightItalicRoman
Source: chromecache_103.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_165.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Weight
Source: chromecache_122.1.dr	String found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.s
Source: chromecache_138.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_138.1.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_172.1.dr	String found in binary or memory: https://app.flipsnack.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_176.1.dr	String found in binary or memory: https://cdn.flipsnack.net/site/images/terms/header-bg.gz.svg
Source: chromecache_102.1.dr	String found in binary or memory: https://cdn.socket.io/4.6.0/socket.io.min.js
Source: chromecache_172.1.dr	String found in binary or memory: https://content-private.flipsnack.com/authorization
Source: chromecache_138.1.dr	String found in binary or memory: https://ct.capterra.com/capterra_tracker.gif
Source: chromecache_172.1.dr	String found in binary or memory: https://d160aj0mj3npgx.cloudfront.net
Source: chromecache_172.1.dr	String found in binary or memory: https://d1dhn91mufybwl.cloudfront.net
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Bold.ttf
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Medium.ttf
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Regular.ttf
Source: chromecache_172.1.dr	String found in binary or memory: https://d3u72tnj701eui.cloudfront.net
Source: chromecache_142.1.dr	String found in binary or memory: https://developers.google.com/web/fundamentals/performance/lazy-loading-guidance/images-and-video/
Source: chromecache_172.1.dr	String found in binary or memory: https://developers.google.com/web/fundamentals/web-app-manifest/
Source: chromecache_159.1.dr	String found in binary or memory: https://github.com/cyrealtype/Lora-Cyrillic)
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/googlefonts/robotoslab)Roboto
Source: chromecache_138.1.dr	String found in binary or memory: https://google.com
Source: chromecache_138.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_142.1.dr	String found in binary or memory: https://js.hsforms.net/forms/shell.js
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_138.1.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: chromecache_138.1.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-engagement-stats
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-order-email
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-widget-queue
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_142.1.dr, chromecache_161.1.dr, chromecache_177.1.dr	String found in binary or memory: https://webpack.js.org/configuration/devtool/)
Source: chromecache_142.1.dr, chromecache_161.1.dr, chromecache_177.1.dr	String found in binary or memory: https://webpack.js.org/configuration/mode/).
Source: chromecache_172.1.dr	String found in binary or memory: https://www.flipsnack.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://www.googlesyndication.com
Source: chromecache_101.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_142.1.dr	String found in binary or memory: https://www.youtube.com/embed/OH38GL_F3jM?&modestbranding=1&color=red&rel=0&

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49824 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_1316_1252745217

Jump to behavior

Source: classification engine

Classification label: mal76.phis.win@19/161@58/33

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1864,i,15981583137618620932,16344699914782195313,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1864,i,15981583137618620932,16344699914782195313,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.35.93.10	player.flipsnack.com	United States	16509	AMAZON-02US	false
99.84.108.59	d2vgu95hoyrpkh.cloudfront.net	United States	16509	AMAZON-02US	false
13.107.246.41	part-0013.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.246.40	part-0012.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
65.8.248.39	unknown	United States	16509	AMAZON-02US	false
99.84.108.10	unknown	United States	16509	AMAZON-02US	false
18.154.227.17	unknown	United States	16509	AMAZON-02US	false
18.160.78.121	d3u72tnj701eui.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
104.17.3.184	unknown	United States	13335	CLOUDFLARENETUS	false
172.67.189.144	unknown	United States	13335	CLOUDFLARENETUS	false
18.64.174.108	unknown	United States	3	MIT-GATEWAYSUS	false
69.152.183.140	adfs.heart.org	United States	7018	ATT-INTERNET4US	false
13.107.213.41	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.213.40	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
3.239.232.222	queue.amazonaws.com	United States	14618	AMAZON-AESUS	false
18.173.166.109	www.flipsnack.com	United States	3	MIT-GATEWAYSUS	false
152.199.4.44	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
18.154.227.27	unknown	United States	16509	AMAZON-02US	false
3.236.169.72	unknown	United States	14618	AMAZON-AESUS	false
142.250.105.105	www.google.com	United States	15169	GOOGLEUS	false
151.101.2.137	code.jquery.com	United States	54113	FASTLYUS	false
18.154.227.73	content-private.flipsnack.com	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
173.194.219.139	clients.l.google.com	United States	15169	GOOGLEUS	false
18.160.18.35	cdn.flipsnack.com	United States	3	MIT-GATEWAYSUS	false
104.21.9.203	82nxtirnj1.q1uad.com	United States	13335	CLOUDFLARENETUS	false
18.165.83.47	d1fpu6k62r548q.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
142.251.15.84	accounts.google.com	United States	15169	GOOGLEUS	false
18.160.46.126	api.flipsnack.com	United States	3	MIT-GATEWAYSUS	false
104.17.2.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16
127.0.0.1

Contacted Domains

Name	IP	Active
api.flipsnack.com	18.160.46.126	true
d1fpu6k62r548q.cloudfront.net	18.165.83.47	true
a.nel.cloudflare.com	35.190.80.1	true
d3u72tnj701eui.cloudfront.net	18.160.78.121	true
cs1100.wpc.omegacdn.net	152.199.4.44	true
accounts.google.com	142.251.15.84	true
82nxtirnj1.q1uad.com	104.21.9.203	true
www.flipsnack.com	18.173.166.109	true
adfs.heart.org	69.152.183.140	true
player.flipsnack.com	13.35.93.10	true
content-private.flipsnack.com	18.154.227.73	true
part-0013.t-0009.t-msedge.net	13.107.246.41	true
code.jquery.com	151.101.2.137	true
d2vgu95hoyrpkh.cloudfront.net	99.84.108.59	true
challenges.cloudflare.com	104.17.2.184	true
www.google.com	142.250.105.105	true
part-0012.t-0009.t-msedge.net	13.107.246.40	true
clients.l.google.com	173.194.219.139	true
cdn.flipsnack.com	18.160.18.35	true
queue.amazonaws.com	3.239.232.222	true
sqs.us-east-1.amazonaws.com	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
cdn.socket.io	unknown	unknown
clients2.google.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://82nxtirnj1.q1uad.com/web6/assets/js/pages-head-web.min.js?cb=36	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85472d0cba267ba2	false		high
https://code.jquery.com/jquery-3.6.0.min.js	false		high
https://d1fpu6k62r548q.cloudfront.net/library/fonts/fd23e9fea-b25a-4b78-85c1-9f4effe686be	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a	false		high
https://82nxtirnj1.q1uad.com/web6/assets/godaddy-left.png	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/web6/assets/css/pages-godaddy.css?cb=36	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/CRA1rix15f/	true		unknown
https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5007%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%2C%22t%22%3A5007%7D%5D%2C%22ts%22%3A1707765481%7D	false		high
about:blank	false	Avira URL Cloud: safe	low
https://82nxtirnj1.q1uad.com/web6/assets/fonts/GDSherpa-vf.woff2	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/web6/assets/pages/nsix.css?cb=1707765487934	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/85472d0cba267ba2/1707765492216/vpaMIviRrH04L-R	false		high
https://api.flipsnack.com/v2/showCookiePolicy?page=public-profile	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/85472d0cba267ba2/1707765492220/8bc209de43f7e6dc6a1f5591bb317a734b7989731d016204f0c1facc8bee6958/2HuYEMxeYf5W5fe	false		high
https://82nxtirnj1.q1uad.com/CRA1rix15f/myscr731481.js	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/web6/assets/js/pages.min.js?cb=36	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/web6/assets/fonts/GDSherpa-regular.woff	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v3?s=VuunauZb6uRL3cLqsD46HxZ3d1IfOabWMWxINP%2BdiDYchRno1JyRfNYt%2BUCWLn0WSgHw5oLjF3MJGsWpPUzd9H3pmD9WuX7cZga8kBk4viqqOWJq1UHcZiLrLQ0C	false		high
https://82nxtirnj1.q1uad.com/web6/assets/fonts/GDSherpa-regular.woff2	false	Avira URL Cloud: safe	unknown
https://d1fpu6k62r548q.cloudfront.net/library/fonts/fbf553490-1230-4c9c-970c-dc73de115be3	false		high
https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg	false	URL Reputation: safe	unknown
https://cdn.flipsnack.com/site/fonts/visbycf-heavy.woff2	false		high
https://82nxtirnj1.q1uad.com/web6/assets/godaddy-logo.png	false	Avira URL Cloud: safe	unknown
https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963	false		high
https://d1fpu6k62r548q.cloudfront.net/library/fonts/f7fb99437-bc80-4e24-afd9-0ef76944a227	false		high
https://player.flipsnack.com/reader.gz.js	false		high
https://cdn.flipsnack.com/site/fonts/roboto-v20-latin-300italic.woff2	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	false		high
https://82nxtirnj1.q1uad.com/web6/assets/godaddy-microsoftlogo.png	false	Avira URL Cloud: safe	unknown
https://cdn.socket.io/4.6.0/socket.io.min.js	false		high
https://82nxtirnj1.q1uad.com/web6/assets/fonts/GDSherpa-vf2.woff2	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg	false	URL Reputation: safe	unknown
https://cdn.flipsnack.com/site/fonts/roboto-v20-latin-500.woff2	false		high
https://82nxtirnj1.q1uad.com/web6/assets/officelogo.png	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/web6/assets/fonts/GDSherpa-bold.woff	false	Avira URL Cloud: safe	unknown
https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html	false		high
https://cdn.flipsnack.com/site/fonts/roboto-v20-latin-italic.woff2	false		high
https://www.flipsnack.com/favicon.ico	false		high
https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A2%2C%22d%22%3A0%2C%22s%22%3A0%7D%2C%7B%22eid%22%3A9%2C%22pageIndex%22%3A0%7D%5D%2C%22ts%22%3A1707765478%7D	false		high
https://www.flipsnack.com/public/build/bootstrap4.css	false		high
https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765476%7D	false		high
https://82nxtirnj1.q1uad.com/web6/assets/cloudfavicon.ico	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/web6/assets/css/pages.min.css?cb=36	false	Avira URL Cloud: safe	unknown
https://cdn.flipsnack.com/site/fonts/roboto-v20-latin-700.woff2	false		high
https://www.flipsnack.com/public/build/site-base.js	false		high
https://82nxtirnj1.q1uad.com/web6/assets/back.png	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg	false	URL Reputation: safe	unknown
https://player.flipsnack.com/handleUnsupportedBrowsers.gz.js	false		high
https://82nxtirnj1.q1uad.com/web6/info	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com//web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket	false	Avira URL Cloud: safe	unknown
https://82nxtirnj1.q1uad.com/web6/assets/js/pages-head-top-web.min.js?cb=1707765480000	false	Avira URL Cloud: safe	unknown
https://adfs.heart.org/adfs/portal/logo/logo.png	false		high
https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707765476%7D	false		high
https://cdn.flipsnack.com/site/fonts/roboto-v20-latin-regular.woff2	false		high
https://www.flipsnack.com/public/build/genericv2.js	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85472d70f9e044e1	false		high
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Bold.ttf	false		high
https://content-private.flipsnack.com/authorization?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ==	false		high
https://82nxtirnj1.q1uad.com/web6/validatecaptcha	false	Avira URL Cloud: safe	unknown
https://cdn.socket.io/4.6.0/socket.io.min.js.map	false		high
https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Regular.ttf	false		high
https://cdn.flipsnack.com/site/images/down-arrow.gz.svg	false		high
https://www.flipsnack.com/public/build/public-profile.js	false		high
https://82nxtirnj1.q1uad.com/web6/assets/key.png	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Feb 12 18:17:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	53454AB0951EC5AE80E3087BCE694437	151D16DDA9EF00A65081258ACE71F687DF8AB067	5971A47BCA710119CD6D47948661795B134057DC3F63DEDFAEE99502618398DF
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Feb 12 18:17:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	6B9B1382B3EFE2684B326EA55A4038C3	39D14CFA1C4627E1D2D230D786CBDD2E16D09934	A840A6A18758489CF491B33862D26ACD49070203205D147A54981E954982226C
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	902B4E16D4344BD26DF9E990011E8038	647D19F0B6CC5A1CCA630AE9569354091C7315EA	45C9C6B63CDAEBD7423320E1F55A5F8D8A1C355030998D826D2001B718851ACB
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Feb 12 18:17:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	81AB4AE6AED6E8CB29C51B83A9619B7E	EB3E87C712B694C919830C769A455D66333172E4	889ED3A91241B5E2F92BBF528992F80D783B375A8212A1A4271087F54B53BFAA
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Feb 12 18:17:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	DAABF295D19D7F5001E4BA6D7E25518B	F76D6D0D755D320318EE78F61CADE997FC2ACC65	2D907B604E35DD7B728EE1D05F32FB2F912E7855127AD1ED169AB688BA57D653
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Feb 12 18:17:53 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	6AE3AAF28170CF59171018D988007444	4C701D65A2EF19923D8BF1E6FB1C914EB093B836	1407C72FAC12E1D6FB1333802570C7AE318D70853208ABDC0F32CF253B7FCE8E
Chrome Cache Entry: 100	Web Open Font Format (Version 2), TrueType, length 17324, version 1.0	51521A2A8DA71E50D871AC6FD2187E87	F94000B9CE048908C52269B3705E251A50C6979E	401E6C25801BA2D59795D05A6DD973F95566B41070D3939BA9307D65860AE50E
Chrome Cache Entry: 101	ASCII text, with very long lines (2213)	9E0448075DCA01285EF631A4DA011F3A	15D76B8A5E4270880F62D8D036291E640075D2EA	08AD15BECA6D41AA966A8F41708B2EBCE4B00CF21410BDC1EECFA0FE16C92025
Chrome Cache Entry: 102	ASCII text, with CRLF line terminators	1954D0481DA7791AF7987F636D420BA8	4362A037D5C00A8B104447A36C71C235C9EAAA41	FE263D6FB4996F7A47AF852D2FE3B925DBD1D9BE3CDB599C9FB9AD0D60489B78
Chrome Cache Entry: 103	TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob	11EABCA2251325CFC5589C9C6FB57B46	096C9245B6A192D1403A82848E104A65F578A8EC	017C0BE9AAA6D0359737E1FA762AD304C0E0107927FAFF5A6C1F415C7F5244ED
Chrome Cache Entry: 104	MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel	88415ACDA09A4CBD9D87543C3BA78180	2DEC4705E9AB399EFDC6EEF36E079AA31D1DF8D9	20CCCC47C1BAC9D2EF36B6A1C58AF58C5C169AD5CA084080F0392B86F949641C
Chrome Cache Entry: 105	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	3AD45EB99A482BA34BB9B99BEEA1B1C5	122C7DB31F1AFB745710412D69B28ED40982A3F7	A338914C95EBF5F286EF2AD6666F8C1518644421545E4C74091D638A4431856F
Chrome Cache Entry: 106	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 268	A454145E295493362D21BBD2C0681505	B1811BBE70070D200C413B105FCB6DEE77D3BB8C	34BA4E54107E71C7BF7FE7F5820AE4B76E8EF39022C1BE88D439799619F117AB
Chrome Cache Entry: 107	gzip compressed data, max compression, from Unix, original size modulo 2^32 827	C040A39D816F855E57E591A834FDA70A	3AE7F32D471399F4567695CCACE04FD79046DEE9	4E99EE69C2E99B9C0A046F134F0996017660922B0E7D890F21D95CAFD3D8AE67
Chrome Cache Entry: 108	ASCII text	6CDE2C6A5842014E45ECFF0CA33F149F	274E622743431BFB2B2FCB2BAA0476488F4F296D	87C0F8E4A841A774FEBC31D1CECE65891062279287BAD085FB6636CE5F3F2EB9
Chrome Cache Entry: 109	ASCII text, with very long lines (1437), with CRLF line terminators	0A40B289B9ECB589387F31CBD2807033	DBB02F7D438A952B55CAB142749C648CD6417AF5	C17E32E67EDC46C2720B01A4A716996809AD8335C875F6980319A1440DE6C245
Chrome Cache Entry: 110	Web Open Font Format (Version 2), TrueType, length 15784, version 1.0	EF7C6637C68F269A882E73BCB57A7F6A	65025B0CEDC3B795C87AD050443C09081D1A8581	29F6DA0A8C21C5681511BB9B08663D3FD2C5D09C9BD8054EC354C563B8C8B7C1
Chrome Cache Entry: 111	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 112	JSON data	A4B01BC0DB8C928DCD6D97B5B4E542BE	D3C888E6248E9F0C32883C11EE4A3FB97324368E	164CFCA799D15F05527D108BE2C2225825867667D18FE9E0DE0AD058F12B91AD
Chrome Cache Entry: 113	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 114	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 115	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 116	Web Open Font Format (Version 2), TrueType, length 15872, version 1.0	020C97DC8E0463259C2F9DF929BB0C69	8F956A31154047D1B6527B63DB2ECF0F3A463F24	24369E1B2461AF9DCEFECAF9CC93D64CF22A4C5BAC32506100B9E21014507BCF
Chrome Cache Entry: 117	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0	BCD7983EA5AA57C55F6758B4977983CB	EF3A009E205229E07FB0EC8569E669B11C378EF1	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
Chrome Cache Entry: 118	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 119	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 120	PNG image data, 36 x 83, 8-bit/color RGB, non-interlaced	CD04DF51FBDFAC4109E5A0592B1A5AE5	9531379E0B6AF6307E753A1119CF449DB0EE17FC	89511ECA0326B34A311B9025A480F828C3A02B366A3A6F24903686311CDC23B3
Chrome Cache Entry: 121	gzip compressed data, from Unix, original size modulo 2^32 5627	6FD735A0A587D8FF3FB3C6C41FAD14E1	28470843A9B7A642413120B597C521449D284303	EE1B879113291D2F02AA77ED51ACFDD381521B90C779A1EF2DCB89EBF2C510C5
Chrome Cache Entry: 122	ASCII text	19ED26731F076611EAB312DADD069443	4A486618881CE4AD11B04AA006D3936AC05E8E27	F126A86F634B009FB15BF541E1EBA875C94736F6FEBE3DCD056E134215197EA6
Chrome Cache Entry: 123	ASCII text, with very long lines (16996), with no line terminators	E4E39EA7EB163A7D401286ED0DE4B411	E08AD5DB54F8B2E192EE1276D3F6856E752BC15F	354881575002CB9A143349BCEFB8420081940AB9BA3AA816F1BB7AFF7286A271
Chrome Cache Entry: 124	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 125	gzip compressed data, was "Roboto-Regular.ttf", last modified: Tue Jan 8 22:00:00 2013, from Unix, original size modulo 2^32 168260	9B5B6239D8B6A23D1847FE8781B82D94	B54D760FAF0216ED445277EEDF414741FC01A622	4126E298548CFB26E0B43E8E28F4052A68D59C113AE9FBEB802A18B80EA7CB6B
Chrome Cache Entry: 126	PNG image data, 260 x 32, 8-bit/color RGBA, non-interlaced	D3F69BE16BAF7ACEF2E7F4DD03729866	E11AA0084B93253A24DD3ED57DDDE66D27C84D2B	3A5EEEA11E1041DB96B81498AB69C050DD045D9E56C69E19BD98430BA752165F
Chrome Cache Entry: 127	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	C137EB405233E4C8FB9E6AA13E375BF6	BD67F2AD7243E3FBC0258BE0EE2E2CF55E1ED8A6	CEF297BEE93E4E73E43D16469133728C7B268C8D1190E5168D256D1766CD0968
Chrome Cache Entry: 128	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 129	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	C090C7427CD29F394D1B6380EC9D91F6	55A68B0DE667175DEECF1DED0F6EC847F785E094	ECF6E212ED34DF499F5756524003EE42B7CCC8D250CE921704F7F6E0741F304B
Chrome Cache Entry: 130	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 131	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	DD375FC741022FAAD96C356C595576DD	AEA97FB2E2BF9B298BB3FB8378FAB2D2DB9F2738	EE69EB366B836CC021F5D29C51F5E64E3CD9829361535BC5D0840C0A83112952
Chrome Cache Entry: 132	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 133	Web Open Font Format, TrueType, length 35970, version 1.0	496B7BBDE91C7DC7CF9BBABBB3921DA8	2BD3C406A715AB52DAD84C803C55BF4A6E66A924	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
Chrome Cache Entry: 134	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	C9A2602C29D94302A145681DDE2E1739	948F22B425828B413FF79C63802CC8ADAE5D74EC	F253662BBE953D1C3CDA044D819A1433F4DBDCFFCCCE02E500CD313FCC24F50A
Chrome Cache Entry: 135	Web Open Font Format (Version 2), TrueType, length 15736, version 1.0	479970FFB74F2117317F9D24D9E317FE	81C796737CBE44D4A719777F0AFF14B73A3EFB1E	48C3FA6F86C54F1D9BB519220713D4B0A1F8CD1A589A3C03B9FA82E98ECB13E3
Chrome Cache Entry: 136	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	8C50076C0CD16C8AC81B619B5749284B	42289FE2FD7D97D6F5B0FA978F11E3677CCD08A8	E01737EBE850FFBCA724849E3842DCFCEF2FBE21226883323F75C49C1B5FB532
Chrome Cache Entry: 137	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0	2A05E9E5572ABC320B2B7EA38A70DCC1	D5FA2A856D5632C2469E42436159375117EF3C35	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
Chrome Cache Entry: 138	ASCII text, with very long lines (16865)	280DBED4693C7CA7540B07AC804A54FC	111A2FE2A2E101B8AB764C19FDA5131722147D41	116498D0C268F5123229DDF809CA878D49E865779BF4CE472CFA0A48D16A3FB6
Chrome Cache Entry: 139	Web Open Font Format (Version 2), TrueType, length 15816, version 1.0	2735A3A69B509FAF3577AFD25BDF552E	8621AFF863B67040010CCC183DA5B9079CE6FD1D	B4D07892CDE715D50BB69C1982DF496385D1DFD8F9D1867C31F19A3C8634CFAE
Chrome Cache Entry: 140	JSON data	684F5A3B7333D8120003A938623194CE	908C0AFF1577404AD35EF105DA2B611EF96C25CD	11A09D7A871C0EB73139C231C36F2273F5DA8A473914B68C1F3E8F363EEA9A32
Chrome Cache Entry: 141	ASCII text, with very long lines (38991)	1E5A2D024954A14A3025F684AAF44595	94DDCC9DD65C22897E52BD4FD808DCE4703FB275	FB567040ABFBA5705EF438233DA6CA0DF44FC81CEACFFE1B5D8E1F3FFABC33FB
Chrome Cache Entry: 142	Unicode text, UTF-8 text, with very long lines (43610)	E7D77DFC5C0A37FF0897C5438753C1DF	C918389C9A492A683C27FACB30919CB19226249A	50B97CDD9F13BB15BA4718109FC8AEF7F21BE7BC2014D15A60AE8DAAEBE93209
Chrome Cache Entry: 143	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 144	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	95F9C034C2AA65A6A237F1801CD249E3	52AA88D11EF1CB8C8420D60F7BD33B24C4EE7501	CA5A2BA7F902E5466F6D952D98BDB3B3011DD6B81892B146C83DCA945B556D3A
Chrome Cache Entry: 145	Web Open Font Format, TrueType, length 36696, version 1.0	A69E9AB8AFDD7486EC0749C551051FF2	C34E6AA327B536FB48D1FE03577A47C7EE2231B8	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
Chrome Cache Entry: 146	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 147	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66	17081510F3A6F2F619EC8C6F244523C7	87F34B2A1532C50F2A424C345D03FE028DB35635	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
Chrome Cache Entry: 148	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 149	Web Open Font Format (Version 2), TrueType, length 17448, version 1.0	14286F3BA79C6627433572DFA925202E	EDB767C89455FFC08C331BC7F9769281CC889620	9E02524EBECD813FC4BCB40336BB2B033871B1FDCBD234229DEE4189DC44850D
Chrome Cache Entry: 150	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 151	MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel	88415ACDA09A4CBD9D87543C3BA78180	2DEC4705E9AB399EFDC6EEF36E079AA31D1DF8D9	20CCCC47C1BAC9D2EF36B6A1C58AF58C5C169AD5CA084080F0392B86F949641C
Chrome Cache Entry: 152	gzip compressed data, was "Roboto-Bold.ttf", last modified: Tue Jan 8 22:00:00 2013, from Unix, original size modulo 2^32 167336	9DE7A4AADE0C697C2DB1960023AFD922	826D6B3E156EABFD80A51077FAA35377F1253647	3CB32250543CB87C607B778B3ADEA5B6730DACA653D8820A0AD820F33507B71B
Chrome Cache Entry: 153	gzip compressed data, was "optimised.svg", last modified: Mon Jun 14 06:59:49 2021, from Unix, original size modulo 2^32 130	54AA09986F5F7088E31562C59D1E9014	FB8B5A04D8905702CF48844A2EB52C23BD75EBB1	58C126DEDB20DB4E11BD75C72AD79F87D5741C7715B4BE904F0231036DF9866F
Chrome Cache Entry: 154	gzip compressed data, max compression, from Unix, original size modulo 2^32 9075280	5E426975BE73A968965495E41EB97AA3	B6497C03349D90F8B3CA8B16E7EA4B98621AAD4C	55D4494E0438C0914078F3425D9F7956B8FB0903FDF76C05CC56D7E799A0E269
Chrome Cache Entry: 155	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 156	PNG image data, 36 x 83, 8-bit/color RGB, non-interlaced	CD04DF51FBDFAC4109E5A0592B1A5AE5	9531379E0B6AF6307E753A1119CF449DB0EE17FC	89511ECA0326B34A311B9025A480F828C3A02B366A3A6F24903686311CDC23B3
Chrome Cache Entry: 157	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66	A4BCA6C95FED0D0C5CC46CF07710DCEC	73B56E33B82B42921DB8702A33EFD0F2B2EC9794	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
Chrome Cache Entry: 158	JSON data	1622AA41848901D571E2AD3F58BB28AC	E2EEFAA5F897E3C7D32DF28C78EEAD0D2D41BA66	F91488C9902D1140C6AC65B545116A3646D58BF18599E62B7FAF2AB18782B061
Chrome Cache Entry: 159	TrueType Font data, 16 tables, 1st "GDEF", 18 names, Microsoft, language 0x409, Copyright 2011 The Lora Project Authors (https://github.com/cyrealtype/Lora-Cyrillic), with Rese	C684A3DE5C014A61D5139D5B97DA99FC	BBC3AE9F737E778681D2C5A7377124817B000627	359501180B779548AD4E1CA74F38B08474350C38BED64AD69B278837D179E792
Chrome Cache Entry: 160	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 161	ASCII text, with very long lines (7002)	F61B776C79639F491CAE22AF62938FFF	AA0742828825FC30283B21AB78F89411D5884119	8B40DA5C691353E6D7E7AD02BE299FE1982D242C94D49D1149F62D74410025FC
Chrome Cache Entry: 162	HTML document, ASCII text, with very long lines (18368), with no line terminators	7868BD3413A2C1F410E1A91A321E1A21	F862E452E034C8ABA8475CC05CE03F0ED4477323	19D579BE8FBA42FAA84899A6CF82BCB80C667EB42F43DB16A7D7B0C7FC54EF19
Chrome Cache Entry: 163	gzip compressed data, from Unix, original size modulo 2^32 5627	6FD735A0A587D8FF3FB3C6C41FAD14E1	28470843A9B7A642413120B597C521449D284303	EE1B879113291D2F02AA77ED51ACFDD381521B90C779A1EF2DCB89EBF2C510C5
Chrome Cache Entry: 164	PNG image data, 260 x 32, 8-bit/color RGBA, non-interlaced	D3F69BE16BAF7ACEF2E7F4DD03729866	E11AA0084B93253A24DD3ED57DDDE66D27C84D2B	3A5EEEA11E1041DB96B81498AB69C050DD045D9E56C69E19BD98430BA752165F
Chrome Cache Entry: 165	TrueType Font data, 18 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2018 The Roboto Slab Project Authors (https://github.com/googlefonts/robotoslab)Roboto	B3954DB228CA7701BF36469CF6C31C57	754AEAAA905A371B03DBB4EBD6ED73F7BDCE0CA5	78C93B6FCDF866D41132F80B560C4CB0C56F356BDBC3699D4AEC557F61728B9D
Chrome Cache Entry: 166	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 167	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 168	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	F31ECDCD093E2351BE32B14B63D9A1B8	0D16373694D02FA80B101934C861B6B4F2B7D614	EF94FA3A27CB092A03EDE22D596CEA374821ADD544D3AEDC45EB919F3FF89CC4
Chrome Cache Entry: 169	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	BBCBD8E7131444B0E084CB37CCD04732	0E1D724654331BC2432EC0B98F54D87CB881AED6	AA8AC1DDD9BD4B4BA2CA91D7EBC898DC95147E7D7478DA773095CD9E284D0321
Chrome Cache Entry: 170	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 171	JSON data	1622AA41848901D571E2AD3F58BB28AC	E2EEFAA5F897E3C7D32DF28C78EEAD0D2D41BA66	F91488C9902D1140C6AC65B545116A3646D58BF18599E62B7FAF2AB18782B061
Chrome Cache Entry: 172	HTML document, ASCII text	A3175D73A35F1790B6D95F12DBAF42ED	70C418A2C042DC84D7607A21A995DCF99E8FB255	117559579C69D5C2AABDB3C33E619C27430BEA4B653D02A0C75798A88F670CE3
Chrome Cache Entry: 173	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 174	JSON data	A4B01BC0DB8C928DCD6D97B5B4E542BE	D3C888E6248E9F0C32883C11EE4A3FB97324368E	164CFCA799D15F05527D108BE2C2225825867667D18FE9E0DE0AD058F12B91AD
Chrome Cache Entry: 175	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	95F9C034C2AA65A6A237F1801CD249E3	52AA88D11EF1CB8C8420D60F7BD33B24C4EE7501	CA5A2BA7F902E5466F6D952D98BDB3B3011DD6B81892B146C83DCA945B556D3A
Chrome Cache Entry: 176	Unicode text, UTF-8 text, with very long lines (717)	E6A8E95D17270BF08673A15086FF91B2	63F257E76C5019FA80736215CE5C16F2C17E785F	2BCAB0C7EF7AF30C14747237FB4C9101C496614428CF85B098EE50FE39D61ACD
Chrome Cache Entry: 177	ASCII text, with very long lines (63031)	9B3A767BF1D7017F94587437460385FE	031518BBC8E19A81BCFE41F543AE4CC218174FFE	C63DD2E22422B269C393152E1AAF1BC1BE6A8304ACE5E395BC0DD7898084CF44
Chrome Cache Entry: 178	ASCII text, with very long lines (45667)	80F5B8C6A9EEAC15DE93E5A112036A06	F7174635137D37581B11937FC90E9CB325077BCE	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
Chrome Cache Entry: 179	Web Open Font Format (Version 2), TrueType, length 16096, version 1.0	3DB14775CA381F833AB0DDAE90712FA1	C6EB34CD198EE1CDCBA7C7738B693E30DF925CD2	36EABA3A9B145E16C743C929705EA23D7AAE636B30ADA3ACEBC119EE6A030C66
Chrome Cache Entry: 90	ASCII text, with no line terminators	DB062A34B230B42D0E50E12980B7AD0A	5A43FE2BFE0F83DA71A22DB99B0C637F8ACAC3EF	7F74DA43E9F04FEEBB4DCC9628DF1ACA01817809270B5FB34674A6CA0A0BE558
Chrome Cache Entry: 91	gzip compressed data, was "optimised.svg", last modified: Mon Jun 14 06:59:49 2021, from Unix, original size modulo 2^32 130	54AA09986F5F7088E31562C59D1E9014	FB8B5A04D8905702CF48844A2EB52C23BD75EBB1	58C126DEDB20DB4E11BD75C72AD79F87D5741C7715B4BE904F0231036DF9866F
Chrome Cache Entry: 92	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	CA0A8592AAFDC76054744FC86C5098C4	562EBD2D81E2268E52C38D2D6319F86B33DA09EB	9F733F0E11237AF579136C2EF990BF43E9E667294023F8362C48A6AA13789863
Chrome Cache Entry: 93	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 94	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 95	HTML document, ASCII text, with CRLF line terminators	6EA443AD91118A16B3CBE86D48E5B6E2	7FFB83AB0FB135FE0175BE072CDF1F86BEF401AE	73746D1254A62F7D4F70B642E9389AD0E894E81E5FFF446955560F4A95EEA86A
Chrome Cache Entry: 96	XML 1.0 document, ASCII text, with very long lines (378), with no line terminators	B702C6AB6470D36D5E75A52648F86E67	C7412D8B03FC548E462E633029B071A7B98598D0	2FA50EF879AD9D951326C82EEEA556A713A71258810EC40521A7C16807F5068C
Chrome Cache Entry: 97	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 98	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 268	A454145E295493362D21BBD2C0681505	B1811BBE70070D200C413B105FCB6DEE77D3BB8C	34BA4E54107E71C7BF7FE7F5820AE4B76E8EF39022C1BE88D439799619F117AB
Chrome Cache Entry: 99	Unicode text, UTF-8 text, with very long lines (65534), with no line terminators	183084543D3F8BD265A12607453BE437	43080C73185B72BADF05B751589D169A5C20EB9B	B2D8C3FA549E7D10C8884BC4F7E5D4A1CCD69146D7BA59CAB3BEEA855DA75DD3

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Phishing site detected (based on favicon image match)

Source: https://q1uad.com	Matcher: Template: cloudflare matched with high similarity
Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	Matcher: Template: cloudflare matched with high similarity

Yara detected HtmlPhish10

Source: Yara match

File source: 3.12.pages.csv, type: HTML

Phishing site detected (based on OCR NLP Model)

Source: Chrome DOM

ML Model on OCR Text: Matched 97.8% probability on "New Documents Received You have received 1 PDF Document 2-12-24 VIEW DOCUMENT 00 "

Phishing site detected (based on image similarity)

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	Matcher: Template: microsoft matched
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	Matcher: Template: microsoft matched
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	Matcher: Template: microsoft matched

Found iframes

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: Iframe src: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal

HTML body contains low number of good links

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: Number of links: 0

HTML page contains hidden URLs or javascript code

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal

HTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal

HTML title does not match URL

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: Title: Sign in to your Microsoft account does not match URL

Invalid T&C link found

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	HTTP Parser: Invalid link: Terms of use
Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/	HTTP Parser: Invalid link: Privacy & cookies

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: <input type="password" .../> found

Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963	HTTP Parser: No favicon
Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963	HTTP Parser: No favicon
Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal	HTTP Parser: No favicon

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: No <meta name="author".. found

Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49824 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 23.36.68.63
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 40.127.169.103
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	HTTP traffic detected: GET /FADA7B77C6F/new-flipbook/full-view.html HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.132Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/bootstrap4.css HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/site-base.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/genericv2.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/build/public-profile.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/visbycf-heavy.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-300.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-300italic.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-regular.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-italic.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-500.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/fonts/roboto-v20-latin-700.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/images/down-arrow.gz.svg HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v2/showCookiePolicy?page=public-profile HTTP/1.1Host: api.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.flipsnack.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963 HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /site/images/down-arrow.gz.svg HTTP/1.1Host: cdn.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /reader.gz.js HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /handleUnsupportedBrowsers.gz.js HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /v2/showCookiePolicy?page=public-profile HTTP/1.1Host: api.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /authorization?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ== HTTP/1.1Host: content-private.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /FADA7B77C6F/collections/c5erlfm1ci/data.json?Signature=Ldi29kOlixSZfit1%7Ey7FSSNzVIV0xTL365E-rfAXr6fc3bvPZ6zSu1GsUorWNpTPcA0c%7EVonds2WcVZrcEB5wI6aB1ibH%7EEMRCRVDjjaLWGYTDco-wJiIOwtV7GvWi6olv9Fc%7EGNkSi5GCjvdI8zcmCCV9yh-MYv%7ERWinHj4%7EdOdbzFG9Z24FoGUpFBt6P7hxP8RYd%7EzYpoIWGCvLpzcKClC5-LyH9KCKGTYKFUDQd6-u0X0fHXMXK1ozp%7ECidEf3qQGkCwlmpQ24ENfdYrTo0vcFYAxHoZ-QHJrNBfFDReh2k2JeenoavKFRXWIXtbltfxgPudhPBx9CjazuZLOAQ__&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kM3U3MnRuajcwMWV1aS5jbG91ZGZyb250Lm5ldC9GQURBN0I3N0M2Ri9jb2xsZWN0aW9ucy9jNWVybGZtMWNpLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3MDc3NjU1OTZ9fX1dfQ__&Key-Pair-Id=KKS5Y1MBXEN2R HTTP/1.1Host: d3u72tnj701eui.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /authorization?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ== HTTP/1.1Host: content-private.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
Source: global traffic	HTTP traffic detected: GET /FADA7B77C6F/collections/c5erlfm1ci/data.json?Signature=Ldi29kOlixSZfit1%7Ey7FSSNzVIV0xTL365E-rfAXr6fc3bvPZ6zSu1GsUorWNpTPcA0c%7EVonds2WcVZrcEB5wI6aB1ibH%7EEMRCRVDjjaLWGYTDco-wJiIOwtV7GvWi6olv9Fc%7EGNkSi5GCjvdI8zcmCCV9yh-MYv%7ERWinHj4%7EdOdbzFG9Z24FoGUpFBt6P7hxP8RYd%7EzYpoIWGCvLpzcKClC5-LyH9KCKGTYKFUDQd6-u0X0fHXMXK1ozp%7ECidEf3qQGkCwlmpQ24ENfdYrTo0vcFYAxHoZ-QHJrNBfFDReh2k2JeenoavKFRXWIXtbltfxgPudhPBx9CjazuZLOAQ__&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kM3U3MnRuajcwMWV1aS5jbG91ZGZyb250Lm5ldC9GQURBN0I3N0M2Ri9jb2xsZWN0aW9ucy9jNWVybGZtMWNpLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3MDc3NjU1OTZ9fX1dfQ__&Key-Pair-Id=KKS5Y1MBXEN2R HTTP/1.1Host: d3u72tnj701eui.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/fonts/Roboto-Bold.ttf HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/fonts/Roboto-Regular.ttf HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /library/fonts/fbf553490-1230-4c9c-970c-dc73de115be3 HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /library/fonts/fd23e9fea-b25a-4b78-85c1-9f4effe686be HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /library/fonts/f7fb99437-bc80-4e24-afd9-0ef76944a227 HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A2%2C%22d%22%3A0%2C%22s%22%3A0%7D%2C%7B%22eid%22%3A9%2C%22pageIndex%22%3A0%7D%5D%2C%22ts%22%3A1707765478%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A2%2C%22d%22%3A0%2C%22s%22%3A0%7D%2C%7B%22eid%22%3A9%2C%22pageIndex%22%3A0%7D%5D%2C%22ts%22%3A1707765478%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5007%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%2C%22t%22%3A5007%7D%5D%2C%22ts%22%3A1707765481%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /CRA1rix15f/ HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A7%2C%22elid%22%3A5%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765482%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5007%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%2C%22t%22%3A5007%7D%5D%2C%22ts%22%3A1707765481%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A7%2C%22elid%22%3A5%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765482%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /CRA1rix15f/myscr731481.js HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/a990e557/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VPWhO5pYBrwwGp2&MD=HetDcHbA HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /web6/assets/js/pages-head-top-web.min.js?cb=1707765480000 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/js/pages-head-web.min.js?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85472d0cba267ba2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/cloudfavicon.ico HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/cloudfavicon.ico HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85472d0cba267ba2/1707765492216/vpaMIviRrH04L-R HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85472d0cba267ba2/1707765492216/vpaMIviRrH04L-R HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/85472d0cba267ba2/1707765492220/8bc209de43f7e6dc6a1f5591bb317a734b7989731d016204f0c1facc8bee6958/2HuYEMxeYf5W5fe HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/pages/nsix.css?cb=1707765487934 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/css/pages.min.css?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/css/pages-godaddy.css?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-bold.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-bold.woff HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-regular.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-regular.woff HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-vf.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/fonts/GDSherpa-vf2.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/validatecaptcha HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkQxTlhVYzRkRXNVMDZyQjV6ZGgvSHc9PSIsInZhbHVlIjoiYXA0eVlVNUpGN000WCtYd1dLeTZydWlxRkxXeGhHa2dzU2hnaVBUUkx2ZHJHdzFjakVObHRjb0pUZktIMGtyb2VLdHBSWjlLUkNrcWRXUGV6UUx4ZEo4czNKclUrOVg1RVU3R29vYjNWT3cvMk9YSGx0NzNHRmIzU1F6MWxSZVkiLCJtYWMiOiIwYzBhZWVmNjNkMjIxYjUwMmJkZjI1Y2RiYzE1MjA4ZjcxYWI3NDllODQ5YzQ0ZmI1ZmIwZDYwMjFmMjczM2YzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjVUT1hvc3FqZERwQ0VxUGFYWFU1RUE9PSIsInZhbHVlIjoiaDhXNmJOc2JuY3ZXcWVPeTZ2d1NSN0ppM3IyMzJkTngyNFcwZHZpcWRkYUZ3V3VNY0hnSlVXVTVZZUZKY1E3bktLK2pJWVIvZURKWmhWQUd3dEo5dis4dWpWUTBnSHVLNzAwM3E5Um8rQ2ZDVzJYaThPV1I1YVRKeFk2eU1BNHoiLCJtYWMiOiIwNzc1MWI1MGMzYTljMDgyOGM2ZDUxZjViOTA0NGUzNjRiODRhYWRjMWVhZjc1MzIzODIwODVlZmM0ZWQxOTBlIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkQxTlhVYzRkRXNVMDZyQjV6ZGgvSHc9PSIsInZhbHVlIjoiYXA0eVlVNUpGN000WCtYd1dLeTZydWlxRkxXeGhHa2dzU2hnaVBUUkx2ZHJHdzFjakVObHRjb0pUZktIMGtyb2VLdHBSWjlLUkNrcWRXUGV6UUx4ZEo4czNKclUrOVg1RVU3R29vYjNWT3cvMk9YSGx0NzNHRmIzU1F6MWxSZVkiLCJtYWMiOiIwYzBhZWVmNjNkMjIxYjUwMmJkZjI1Y2RiYzE1MjA4ZjcxYWI3NDllODQ5YzQ0ZmI1ZmIwZDYwMjFmMjczM2YzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjVUT1hvc3FqZERwQ0VxUGFYWFU1RUE9PSIsInZhbHVlIjoiaDhXNmJOc2JuY3ZXcWVPeTZ2d1NSN0ppM3IyMzJkTngyNFcwZHZpcWRkYUZ3V3VNY0hnSlVXVTVZZUZKY1E3bktLK2pJWVIvZURKWmhWQUd3dEo5dis4dWpWUTBnSHVLNzAwM3E5Um8rQ2ZDVzJYaThPV1I1YVRKeFk2eU1BNHoiLCJtYWMiOiIwNzc1MWI1MGMzYTljMDgyOGM2ZDUxZjViOTA0NGUzNjRiODRhYWRjMWVhZjc1MzIzODIwODVlZmM0ZWQxOTBlIiwidGFnIjoiIn0%3DSec-WebSocket-Key: rN7PqZcNuG7OrWFFk4JdYg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /web6/info HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkpRRFRCTkxnb0JoQXhDVi9sbkk0YlE9PSIsInZhbHVlIjoiclVZR1k4WEFCVTEzajZEcU91aGFmdUJZTGpQNlh6SVhLZXlsc2F2TXlRdGU2aGF4V1NpWExTWUJJendxVkdnNDY3Nnk1TjZsU0xPNmZjMnlpcTVSdXpEUStGTTBJOEwyL3dqYTc3WmR5czZKbnlwdFJpSWcydy92MkxoVGhMMG0iLCJtYWMiOiJjNzNmNDNhMjIyNDgzYjhmMmM4YzU5NDU4MzQ1MDAyNzA5ZDdkYmQ1NTYzZGMyYzg4YjM4ZWJjYmFmYzAzY2U2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ild5UkprQ1hZazgzeUVFYS9zYkpHREE9PSIsInZhbHVlIjoia1R6RzRTQ0pyZy9TZWVwaVFEa1BIQ1RWaDhlQWU2TlZyc2kvRkxjQm9QVnJjOVN6bGZKaGVFQVUyMGVmU2tKbXFGS2k2UVl2dlp4aFZGOC8wVkp2ZmpFK2VNd0d6MUlTTG1zY3djSHlNUk5xSmt1emhrQ2xSQUhpSTFHZFluVWEiLCJtYWMiOiI2YWFjNmY0NjA4YzA3MzM3ZjVlOTljY2YxOGExOTYxYmZjMDE0ZDgxYjYyNTUxY2IzODNiNWMzZjhlMmRjNDg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/officelogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/web6/assets/pages/nsix.css?cb=1707765487934Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/js/pages.min.js?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/back.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/key.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-logo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg HTTP/1.1Host: logincdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85472d70f9e044e1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-left.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/close_790189870c9543725dc3f5a15fb25e46.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg HTTP/1.1Host: logincdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/officelogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-microsoftlogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/back.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/info HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/key.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /adfs/portal/logo/logo.png HTTP/1.1Host: adfs.heart.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /adfs/portal/logo/logo.png HTTP/1.1Host: adfs.heart.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-left.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-logo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /web6/assets/godaddy-microsoftlogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3DSec-WebSocket-Key: h0syBXKugv1h/nCv0d9uzQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3DSec-WebSocket-Key: 7UcTY3qBAATKauncyJUdoQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VPWhO5pYBrwwGp2&MD=HetDcHbA HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js.map HTTP/1.1Host: cdn.socket.ioConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3DSec-WebSocket-Key: crK+Dp0NpUgOlzpXVm/Pog==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: chromecache_142.1.dr	String found in binary or memory: eval("var MOBILE_VIEW_WIDTH = 991;\nvar MOBILE_VIEW_HEIGHT = 768;\nvar carousel = $('#carousel');\nvar extraItems = $('#extra-items');\nvar navigation = $('#carousel-navigation').children();\nvar requestTrialModalContent = $('#requestTrialModalContent');\nvar linkToRequestTrialModal = $('#linkToRequestTrialModal');\nvar youtubeVideoModal = $('#youtubeVideoModal');\nvar youtubeVideoModalContent = $('#youtubeVideoModalContent');\nvar cookieModal = $('#cookieNotification');\nvar isMobile = window.innerWidth <= MOBILE_VIEW_WIDTH \|\| window.innerHeight <= MOBILE_VIEW_HEIGHT;\nvar selectedTab = 'upload';\nvar selectNextItem = function selectNextItem() {\n var children = carousel.children();\n var lastChild = $(children[children.length - 1]);\n lastChild.css({\n opacity: 0,\n transform: 'translateY(-60px) scale(.9)'\n });\n lastChild.insertBefore(children[0]);\n setTimeout(function () {\n lastChild.removeAttr('style');\n }, 1);\n};\nvar setImgSrc = function setImgSrc() {\n carousel.children().each(function (index, el) {\n var img = $(el).find('img');\n if (img.attr('data-src')) {\n img.attr('src', img.attr('data-src'));\n img.removeAttr('data-src');\n }\n });\n};\nsetImgSrc();\nvar animationInterval = setInterval(function () {\n selectNextItem();\n}, 3000);\nvar onClickNavigoation = function onClickNavigoation(id) {\n var children = carousel.children();\n var newItems = extraItems.find(\".\".concat(id)).clone().children();\n if (id !== selectedTab) {\n clearInterval(animationInterval);\n\n // daca nu exista in extra-items setul respectiv il adaugam\n if (!extraItems.find(\".\".concat(selectedTab)).length) {\n extraItems.append($(\"<div class=\\\"\".concat(selectedTab, \"\\\"></div>\")).append(children.clone()));\n }\n carousel.css({\n opacity: 0\n });\n $(\"#\".concat(selectedTab)).removeClass('selected');\n $(\"#\".concat(id)).addClass('selected');\n selectedTab = id;\n setTimeout(function () {\n carousel.empty();\n carousel.append(newItems);\n setImgSrc();\n carousel.removeAttr('style');\n animationInterval = setInterval(function () {\n selectNextItem();\n }, 3000);\n }, 400);\n }\n};\nnavigation.each(function (index, nav) {\n nav.addEventListener('click', function () {\n onClickNavigoation(nav.id);\n });\n});\nlinkToRequestTrialModal[0] && linkToRequestTrialModal[0].addEventListener('click', function () {\n var scriptLinkElement = document.createElement('script');\n var scriptHubspotForm = document.createElement('script');\n requestTrialModalContent.empty();\n requestTrialModalContent.prepend(scriptLinkElement);\n requestTrialModalContent.prepend(scriptHubspotForm);\n scriptLinkElement.onload = function () {\n scriptHubspotForm.innerHTML = \"\\n hbspt.forms.create({\\n portalId: \\\"5585560\\\",\\n formId: \\\"fcf68ac9-edc5-48c3-9fe9-5dd727502ca8\\\",\\n });\\n
Source: chromecache_138.1.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=jz("fsl",g?"nv.mwt":"mwt",0),p;p=g?jz("fsl","nv.ids",[]):jz("fsl","ids",[]);if(!p.length)return!0;var q=fz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;M(121);if("https://www.facebook.com/tr/"===r)return M(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!Oz(q, equals www.facebook.com (Facebook)
Source: chromecache_138.1.dr	String found in binary or memory: return b}bD.D="internal.enableAutoEventOnTimer";var xc=ca(["data-gtm-yt-inspected-"]),cD=["www.youtube.com","www.youtube-nocookie.com"],dD,eD=!1; equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: www.flipsnack.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:18:26 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuunauZb6uRL3cLqsD46HxZ3d1IfOabWMWxINP%2BdiDYchRno1JyRfNYt%2BUCWLn0WSgHw5oLjF3MJGsWpPUzd9H3pmD9WuX7cZga8kBk4viqqOWJq1UHcZiLrLQ0C"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 85472d678fc1137d-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:18:27 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujxlTLUCzKNVNZF6cDf3gqZ9ubQ56v8F0UixvBy67aQqqO3gtsiTz4MUFoUZXPTggOhC1%2FVqK6%2B39bHNjv3HhS28KuJVNVtyNNq7h6Og8Mm20Cv664ZZc1TSkKTr"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 85472d70bdb153c4-ATL
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 12 Feb 2024 19:18:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccess-Control-Allow-Origin: *X-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVMFxup2BXe5AAkxA4bjs%2BvM0yrZU3LhFPv7836YlAY2mN%2BLVTp%2BVDI%2B%2BORFONgCk7bnRRm5zRABJagIXCxsVRyRTyZsFw9DEJFzHHGap7%2FfW98YMo9lbSFZl0kF"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 85472d798f6ab0dc-ATL

Source: chromecache_159.1.dr	String found in binary or memory: http://cyreal.orgThis
Source: chromecache_127.1.dr, chromecache_105.1.dr, chromecache_134.1.dr, chromecache_92.1.dr, chromecache_131.1.dr, chromecache_136.1.dr, chromecache_129.1.dr, chromecache_169.1.dr, chromecache_168.1.dr, chromecache_96.1.dr	String found in binary or memory: http://queue.amazonaws.com/doc/2012-11-05/
Source: chromecache_159.1.dr	String found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLWeightItalicRoman
Source: chromecache_103.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_165.1.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0Weight
Source: chromecache_122.1.dr	String found in binary or memory: https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.s
Source: chromecache_138.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_138.1.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_172.1.dr	String found in binary or memory: https://app.flipsnack.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_176.1.dr	String found in binary or memory: https://cdn.flipsnack.net/site/images/terms/header-bg.gz.svg
Source: chromecache_102.1.dr	String found in binary or memory: https://cdn.socket.io/4.6.0/socket.io.min.js
Source: chromecache_172.1.dr	String found in binary or memory: https://content-private.flipsnack.com/authorization
Source: chromecache_138.1.dr	String found in binary or memory: https://ct.capterra.com/capterra_tracker.gif
Source: chromecache_172.1.dr	String found in binary or memory: https://d160aj0mj3npgx.cloudfront.net
Source: chromecache_172.1.dr	String found in binary or memory: https://d1dhn91mufybwl.cloudfront.net
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Bold.ttf
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Medium.ttf
Source: chromecache_172.1.dr	String found in binary or memory: https://d1fpu6k62r548q.cloudfront.net/css/fonts/Roboto-Regular.ttf
Source: chromecache_172.1.dr	String found in binary or memory: https://d3u72tnj701eui.cloudfront.net
Source: chromecache_142.1.dr	String found in binary or memory: https://developers.google.com/web/fundamentals/performance/lazy-loading-guidance/images-and-video/
Source: chromecache_172.1.dr	String found in binary or memory: https://developers.google.com/web/fundamentals/web-app-manifest/
Source: chromecache_159.1.dr	String found in binary or memory: https://github.com/cyrealtype/Lora-Cyrillic)
Source: chromecache_165.1.dr	String found in binary or memory: https://github.com/googlefonts/robotoslab)Roboto
Source: chromecache_138.1.dr	String found in binary or memory: https://google.com
Source: chromecache_138.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_142.1.dr	String found in binary or memory: https://js.hsforms.net/forms/shell.js
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_138.1.dr	String found in binary or memory: https://px.ads.linkedin.com/collect?
Source: chromecache_138.1.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-engagement-stats
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-order-email
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-sts
Source: chromecache_172.1.dr	String found in binary or memory: https://sqs.us-east-1.amazonaws.com/756737886395/flip-widget-queue
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_142.1.dr, chromecache_161.1.dr, chromecache_177.1.dr	String found in binary or memory: https://webpack.js.org/configuration/devtool/)
Source: chromecache_142.1.dr, chromecache_161.1.dr, chromecache_177.1.dr	String found in binary or memory: https://webpack.js.org/configuration/mode/).
Source: chromecache_172.1.dr	String found in binary or memory: https://www.flipsnack.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_138.1.dr, chromecache_101.1.dr	String found in binary or memory: https://www.googlesyndication.com
Source: chromecache_101.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_142.1.dr	String found in binary or memory: https://www.youtube.com/embed/OH38GL_F3jM?&modestbranding=1&color=red&rel=0&

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49824 version: TLS 1.2

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_BITS_1316_1252745217

Jump to behavior

Source: classification engine

Classification label: mal76.phis.win@19/161@58/33

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1864,i,15981583137618620932,16344699914782195313,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1864,i,15981583137618620932,16344699914782195313,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1391070
Product:	CloudBasic
Start time:	20:17:24
Start date:	12.02.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html