Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html

Overview

General Information

Sample URL:https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html
Analysis ID:1391070
Infos:

Detection

HTMLPhisher
Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Phishing site detected (based on favicon image match)
Yara detected HtmlPhish10
Phishing site detected (based on OCR NLP Model)
Phishing site detected (based on image similarity)
Phishing site detected (based on logo match)
Creates files inside the system directory
Found iframes
HTML body contains low number of good links
HTML page contains hidden URLs or javascript code
HTML title does not match URL
Invalid T&C link found
Stores files to the Windows start menu directory

Classification

  • System is w10x64_ra
  • chrome.exe (PID: 1316 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.html MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 5892 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 --field-trial-handle=1864,i,15981583137618620932,16344699914782195313,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
SourceRuleDescriptionAuthorStrings
3.12.pages.csvJoeSecurity_HtmlPhish_10Yara detected HtmlPhish_10Joe Security
    No Sigma rule has matched
    No Snort rule has matched

    Click to jump to signature section

    Show All Signature Results

    AV Detection

    barindex
    Source: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlSlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

    Phishing

    barindex
    Source: https://q1uad.comMatcher: Template: cloudflare matched with high similarity
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/Matcher: Template: cloudflare matched with high similarity
    Source: Yara matchFile source: 3.12.pages.csv, type: HTML
    Source: Chrome DOMML Model on OCR Text: Matched 97.8% probability on "New Documents Received You have received 1 PDF Document 2-12-24 VIEW DOCUMENT 00 "
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/Matcher: Found strong image similarity, brand: MICROSOFT
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/Matcher: Template: microsoft matched
    Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalMatcher: Template: microsoft matched
    Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalMatcher: Template: microsoft matched
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: Iframe src: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: Number of links: 0
    Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalHTTP Parser: Base64 decoded: http://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: Title: Sign in to your Microsoft account does not match URL
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: Invalid link: Terms of use
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: Invalid link: Privacy & cookies
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: <input type="password" .../> found
    Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963HTTP Parser: No favicon
    Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963HTTP Parser: No favicon
    Source: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963HTTP Parser: No favicon
    Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalHTTP Parser: No favicon
    Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalHTTP Parser: No favicon
    Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalHTTP Parser: No favicon
    Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalHTTP Parser: No favicon
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: No <meta name="author".. found
    Source: https://82nxtirnj1.q1uad.com/CRA1rix15f/HTTP Parser: No <meta name="copyright".. found
    Source: unknownHTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49751 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 23.36.68.63:443 -> 192.168.2.16:49752 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49755 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 40.127.169.103:443 -> 192.168.2.16:49824 version: TLS 1.2
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.200
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 23.36.68.63
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 40.127.169.103
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
    Source: global trafficHTTP traffic detected: GET /FADA7B77C6F/new-flipbook/full-view.html HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=117.0.5938.132&lang=en-US&acceptformat=crx3,puff&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26brand%3DONGR%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmiedaX-Goog-Update-Updater: chromecrx-117.0.5938.132Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /public/build/bootstrap4.css HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /public/build/site-base.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /public/build/genericv2.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /public/build/public-profile.js HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/fonts/visbycf-heavy.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/fonts/roboto-v20-latin-300.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/fonts/roboto-v20-latin-300italic.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/fonts/roboto-v20-latin-regular.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/fonts/roboto-v20-latin-italic.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/fonts/roboto-v20-latin-500.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/fonts/roboto-v20-latin-700.woff2 HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/images/down-arrow.gz.svg HTTP/1.1Host: cdn.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /v2/showCookiePolicy?page=public-profile HTTP/1.1Host: api.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.flipsnack.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963 HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /site/images/down-arrow.gz.svg HTTP/1.1Host: cdn.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
    Source: global trafficHTTP traffic detected: GET /reader.gz.js HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
    Source: global trafficHTTP traffic detected: GET /handleUnsupportedBrowsers.gz.js HTTP/1.1Host: player.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://player.flipsnack.com/?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ%3D%3D&forceWidget=1&t=1707748963Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
    Source: global trafficHTTP traffic detected: GET /v2/showCookiePolicy?page=public-profile HTTP/1.1Host: api.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.flipsnack.com/FADA7B77C6F/new-flipbook/full-view.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
    Source: global trafficHTTP traffic detected: GET /authorization?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ== HTTP/1.1Host: content-private.flipsnack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://player.flipsnack.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
    Source: global trafficHTTP traffic detected: GET /FADA7B77C6F/collections/c5erlfm1ci/data.json?Signature=Ldi29kOlixSZfit1%7Ey7FSSNzVIV0xTL365E-rfAXr6fc3bvPZ6zSu1GsUorWNpTPcA0c%7EVonds2WcVZrcEB5wI6aB1ibH%7EEMRCRVDjjaLWGYTDco-wJiIOwtV7GvWi6olv9Fc%7EGNkSi5GCjvdI8zcmCCV9yh-MYv%7ERWinHj4%7EdOdbzFG9Z24FoGUpFBt6P7hxP8RYd%7EzYpoIWGCvLpzcKClC5-LyH9KCKGTYKFUDQd6-u0X0fHXMXK1ozp%7ECidEf3qQGkCwlmpQ24ENfdYrTo0vcFYAxHoZ-QHJrNBfFDReh2k2JeenoavKFRXWIXtbltfxgPudhPBx9CjazuZLOAQ__&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kM3U3MnRuajcwMWV1aS5jbG91ZGZyb250Lm5ldC9GQURBN0I3N0M2Ri9jb2xsZWN0aW9ucy9jNWVybGZtMWNpLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3MDc3NjU1OTZ9fX1dfQ__&Key-Pair-Id=KKS5Y1MBXEN2R HTTP/1.1Host: d3u72tnj701eui.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /authorization?hash=RkFEQTdCNzdDNkYrYzVlcmxmbTFjaQ== HTTP/1.1Host: content-private.flipsnack.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: fs_tags_en=%7B%221707765473342%22%3A%22%2FFADA7B77C6F%2Fnew-flipbook%2Ffull-view.html%2Cen%22%7D
    Source: global trafficHTTP traffic detected: GET /FADA7B77C6F/collections/c5erlfm1ci/data.json?Signature=Ldi29kOlixSZfit1%7Ey7FSSNzVIV0xTL365E-rfAXr6fc3bvPZ6zSu1GsUorWNpTPcA0c%7EVonds2WcVZrcEB5wI6aB1ibH%7EEMRCRVDjjaLWGYTDco-wJiIOwtV7GvWi6olv9Fc%7EGNkSi5GCjvdI8zcmCCV9yh-MYv%7ERWinHj4%7EdOdbzFG9Z24FoGUpFBt6P7hxP8RYd%7EzYpoIWGCvLpzcKClC5-LyH9KCKGTYKFUDQd6-u0X0fHXMXK1ozp%7ECidEf3qQGkCwlmpQ24ENfdYrTo0vcFYAxHoZ-QHJrNBfFDReh2k2JeenoavKFRXWIXtbltfxgPudhPBx9CjazuZLOAQ__&Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9kM3U3MnRuajcwMWV1aS5jbG91ZGZyb250Lm5ldC9GQURBN0I3N0M2Ri9jb2xsZWN0aW9ucy9jNWVybGZtMWNpLyoiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE3MDc3NjU1OTZ9fX1dfQ__&Key-Pair-Id=KKS5Y1MBXEN2R HTTP/1.1Host: d3u72tnj701eui.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /css/fonts/Roboto-Bold.ttf HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /css/fonts/Roboto-Regular.ttf HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /library/fonts/fbf553490-1230-4c9c-970c-dc73de115be3 HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /library/fonts/fd23e9fea-b25a-4b78-85c1-9f4effe686be HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /library/fonts/f7fb99437-bc80-4e24-afd9-0ef76944a227 HTTP/1.1Host: d1fpu6k62r548q.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://player.flipsnack.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A1%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A6%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765476%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A2%2C%22d%22%3A0%2C%22s%22%3A0%7D%2C%7B%22eid%22%3A9%2C%22pageIndex%22%3A0%7D%5D%2C%22ts%22%3A1707765478%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A2%2C%22d%22%3A0%2C%22s%22%3A0%7D%2C%7B%22eid%22%3A9%2C%22pageIndex%22%3A0%7D%5D%2C%22ts%22%3A1707765478%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5007%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%2C%22t%22%3A5007%7D%5D%2C%22ts%22%3A1707765481%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /CRA1rix15f/ HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A7%2C%22elid%22%3A5%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765482%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://player.flipsnack.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://player.flipsnack.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A3%2C%22t%22%3A5007%7D%2C%7B%22eid%22%3A10%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%2C%22t%22%3A5007%7D%5D%2C%22ts%22%3A1707765481%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /756737886395/flip-sts?Action=SendMessage&MessageBody=%7B%22ih%22%3A%220283ad6deb44463282f7eba038e86fca%22%2C%22ch%22%3A%22c5erlfm1ci%22%2C%22cih%22%3A%224ba182db41a8d27e7e0152i142517236%22%2C%22e%22%3A%5B%7B%22eid%22%3A7%2C%22elid%22%3A5%2C%22pid%22%3A%22GaxzXKpzylBrtQw_%22%7D%5D%2C%22ts%22%3A1707765482%7D HTTP/1.1Host: sqs.us-east-1.amazonaws.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /CRA1rix15f/myscr731481.js HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
    Source: global trafficHTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/a990e557/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VPWhO5pYBrwwGp2&MD=HetDcHbA HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
    Source: global trafficHTTP traffic detected: GET /web6/assets/js/pages-head-top-web.min.js?cb=1707765480000 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/js/pages-head-web.min.js?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=85472d0cba267ba2 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/cloudfavicon.ico HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/cloudfavicon.ico HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85472d0cba267ba2/1707765492216/vpaMIviRrH04L-R HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/85472d0cba267ba2/1707765492216/vpaMIviRrH04L-R HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/85472d0cba267ba2/1707765492220/8bc209de43f7e6dc6a1f5591bb317a734b7989731d016204f0c1facc8bee6958/2HuYEMxeYf5W5fe HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/188599553:1707761284:t35egqV8oiwBr-fcwNypp56HyrUC8YuAQ06QaNMI4Yw/85472d0cba267ba2/7faf2e30711334a HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/pages/nsix.css?cb=1707765487934 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/css/pages.min.css?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/css/pages-godaddy.css?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/fonts/GDSherpa-bold.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/fonts/GDSherpa-bold.woff HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/fonts/GDSherpa-regular.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/fonts/GDSherpa-regular.woff HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/fonts/GDSherpa-vf.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/fonts/GDSherpa-vf2.woff2 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://82nxtirnj1.q1uad.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/validatecaptcha HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkQxTlhVYzRkRXNVMDZyQjV6ZGgvSHc9PSIsInZhbHVlIjoiYXA0eVlVNUpGN000WCtYd1dLeTZydWlxRkxXeGhHa2dzU2hnaVBUUkx2ZHJHdzFjakVObHRjb0pUZktIMGtyb2VLdHBSWjlLUkNrcWRXUGV6UUx4ZEo4czNKclUrOVg1RVU3R29vYjNWT3cvMk9YSGx0NzNHRmIzU1F6MWxSZVkiLCJtYWMiOiIwYzBhZWVmNjNkMjIxYjUwMmJkZjI1Y2RiYzE1MjA4ZjcxYWI3NDllODQ5YzQ0ZmI1ZmIwZDYwMjFmMjczM2YzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjVUT1hvc3FqZERwQ0VxUGFYWFU1RUE9PSIsInZhbHVlIjoiaDhXNmJOc2JuY3ZXcWVPeTZ2d1NSN0ppM3IyMzJkTngyNFcwZHZpcWRkYUZ3V3VNY0hnSlVXVTVZZUZKY1E3bktLK2pJWVIvZURKWmhWQUd3dEo5dis4dWpWUTBnSHVLNzAwM3E5Um8rQ2ZDVzJYaThPV1I1YVRKeFk2eU1BNHoiLCJtYWMiOiIwNzc1MWI1MGMzYTljMDgyOGM2ZDUxZjViOTA0NGUzNjRiODRhYWRjMWVhZjc1MzIzODIwODVlZmM0ZWQxOTBlIiwidGFnIjoiIn0%3D
    Source: global trafficHTTP traffic detected: GET //web6socket/socket.io/?type=User&appnum=1&EIO=4&transport=websocket HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://82nxtirnj1.q1uad.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkQxTlhVYzRkRXNVMDZyQjV6ZGgvSHc9PSIsInZhbHVlIjoiYXA0eVlVNUpGN000WCtYd1dLeTZydWlxRkxXeGhHa2dzU2hnaVBUUkx2ZHJHdzFjakVObHRjb0pUZktIMGtyb2VLdHBSWjlLUkNrcWRXUGV6UUx4ZEo4czNKclUrOVg1RVU3R29vYjNWT3cvMk9YSGx0NzNHRmIzU1F6MWxSZVkiLCJtYWMiOiIwYzBhZWVmNjNkMjIxYjUwMmJkZjI1Y2RiYzE1MjA4ZjcxYWI3NDllODQ5YzQ0ZmI1ZmIwZDYwMjFmMjczM2YzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjVUT1hvc3FqZERwQ0VxUGFYWFU1RUE9PSIsInZhbHVlIjoiaDhXNmJOc2JuY3ZXcWVPeTZ2d1NSN0ppM3IyMzJkTngyNFcwZHZpcWRkYUZ3V3VNY0hnSlVXVTVZZUZKY1E3bktLK2pJWVIvZURKWmhWQUd3dEo5dis4dWpWUTBnSHVLNzAwM3E5Um8rQ2ZDVzJYaThPV1I1YVRKeFk2eU1BNHoiLCJtYWMiOiIwNzc1MWI1MGMzYTljMDgyOGM2ZDUxZjViOTA0NGUzNjRiODRhYWRjMWVhZjc1MzIzODIwODVlZmM0ZWQxOTBlIiwidGFnIjoiIn0%3DSec-WebSocket-Key: rN7PqZcNuG7OrWFFk4JdYg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
    Source: global trafficHTTP traffic detected: GET /web6/info HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkpRRFRCTkxnb0JoQXhDVi9sbkk0YlE9PSIsInZhbHVlIjoiclVZR1k4WEFCVTEzajZEcU91aGFmdUJZTGpQNlh6SVhLZXlsc2F2TXlRdGU2aGF4V1NpWExTWUJJendxVkdnNDY3Nnk1TjZsU0xPNmZjMnlpcTVSdXpEUStGTTBJOEwyL3dqYTc3WmR5czZKbnlwdFJpSWcydy92MkxoVGhMMG0iLCJtYWMiOiJjNzNmNDNhMjIyNDgzYjhmMmM4YzU5NDU4MzQ1MDAyNzA5ZDdkYmQ1NTYzZGMyYzg4YjM4ZWJjYmFmYzAzY2U2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ild5UkprQ1hZazgzeUVFYS9zYkpHREE9PSIsInZhbHVlIjoia1R6RzRTQ0pyZy9TZWVwaVFEa1BIQ1RWaDhlQWU2TlZyc2kvRkxjQm9QVnJjOVN6bGZKaGVFQVUyMGVmU2tKbXFGS2k2UVl2dlp4aFZGOC8wVkp2ZmpFK2VNd0d6MUlTTG1zY3djSHlNUk5xSmt1emhrQ2xSQUhpSTFHZFluVWEiLCJtYWMiOiI2YWFjNmY0NjA4YzA3MzM3ZjVlOTljY2YxOGExOTYxYmZjMDE0ZDgxYjYyNTUxY2IzODNiNWMzZjhlMmRjNDg0IiwidGFnIjoiIn0%3D
    Source: global trafficHTTP traffic detected: GET /web6/assets/officelogo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/web6/assets/pages/nsix.css?cb=1707765487934Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/maan4/0x4AAAAAAARTVxgciW021I2z/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://82nxtirnj1.q1uad.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /web6/assets/js/pages.min.js?cb=36 HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
    Source: global trafficHTTP traffic detected: GET /web6/assets/back.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
    Source: global trafficHTTP traffic detected: GET /web6/assets/key.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
    Source: global trafficHTTP traffic detected: GET /web6/assets/godaddy-logo.png HTTP/1.1Host: 82nxtirnj1.q1uad.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://82nxtirnj1.q1uad.com/CRA1rix15f/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6InJOc3gzclpvMkNuUkk1R3d6UjU4N1E9PSIsInZhbHVlIjoiYUgxUitHRDVWRHRrTlVYUUl1cmxUcHRLaVpEbkNRc2xUNFltdnNOQVJTc290UDNEeFNTTmN5dEg1ZVFHSE55Rnlvc1pyaUtUeHdqSmE4OG1ReWFzckhNa3gvcnZ6aUgyVmVWaUdmN254UHhyU0doNUF5Z1Y5NU5iSHJHN3oycWUiLCJtYWMiOiJhNDM4YjlmMmJiZDIzMmY2ZmE2MzhmMDIyMjYzZmNiOWM5MjNhMTUzZWMwMTk1MGJiNjNmYTgxZGU5NDBmOGFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNLL1doUG4vRmluTzU0Um1GZlUvN0E9PSIsInZhbHVlIjoidk94cFZoZlZ5Ty9JdlF2WnE4bkl2SnpiZnFrSFQzNkZkakJyK1FCZG5mM1Brem5QVVh4RjRUbmpjemMzT1hSRytQWjFSQUlSMTlVcDUvbmorWEFxQjAzTmFmbnBqWktRaXlrZWFpa2VzYmN0dnVIdTRrU0pPRGsrZnZCWE83WlMiLCJtYWMiOiI3Y2IyMDRiNDM3MWM3ODIyMjU5M2E2MWZlYWQwNTdjNjE1Y2E2NDdkNzBmZTgzMmNkNDA4NmM2NmE3OTczZjg0IiwidGFnIjoiIn0%3D
    Source: global traffic