Windows Analysis Report
https://home3220ic223s2nl2.ru/ics/sca-app/543244home

Overview

General Information

Sample URL: https://home3220ic223s2nl2.ru/ics/sca-app/543244home
Analysis ID: 1428703

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

HTML page contains hidden URLs or javascript code

Classification

Source: https://home3220ic223s2nl2.ru/ics/sca-app/543244home HTTP Parser: Base64 decoded: https://home3220ic223s2nl2.ru/ics/sca-app/543244home
Source: https://home3220ic223s2nl2.ru/ics/sca-app/543244home HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/me3r1/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.63.206.91:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 23.63.206.91
Source: unknown TCP traffic detected without corresponding DNS query: 72.21.81.240
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown DNS traffic detected: queries for: home3220ic223s2nl2.ru
Source: unknown HTTP traffic detected: POST /report/v4?s=rfb2iB4t6uNfiJmFoQIv9O68%2BvfgVES%2BrthFPv5vchvO6O4mqF7qVrY8BAh0xdcgP0d%2BWg2OvVOOcUNuExRnyBGMU1o0ypJF%2FidAlRC3wGfKd8tAM91oFEjv%2BubzOtuSzPC8YJLYQBU%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 413Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 19 Apr 2024 10:26:49 GMTContent-Type: text/html; charset=UTF-8Content-Length: 16470Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengecf-chl-out: LAa1VV3IPI15KqfANsIS72s3EvM0tIP4MUDr1NwcVqQl1ftvShZHpiaKlKmFpGzczjaTeDiJahxPqEOIu3M0kaiu1o07D/pnyHA3ZxdHMpMEzq8xh43zFvhYemdFuACVK1d9qvHg7oG9o3pSQ6B0RQ==$+MnKXZpJ3L7yECntdc8ovg==Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMT
Source: global traffic HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 19 Apr 2024 10:26:50 GMTContent-Type: text/html; charset=UTF-8Content-Length: 16523Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengecf-chl-out: jIUC0bZVc1pJgzlE+FK2xLCuouMUxOxAyUL3fmG14Z2V/uhUQ0ce7LVGHsddYx5FEORUMauAKLzYoUnKd+m4z7mJJbhKlPtZruslq3+WjXDEGjNmzAst8aFhQ4CzZ/oHp6fnIVG0KbfincB9UF8QIg==$2idCcdCHo7ocilRpbztZ/A==Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMT
Source: global traffic HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 19 Apr 2024 10:26:54 GMTContent-Type: text/html; charset=UTF-8Content-Length: 16544Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengecf-chl-out: sC4xmAFd8lhIPZj3z11cRUulMLbsfGTQogpvQFA66Sjz89v3ssBBkoa8eVIsE3MPacd7xiffOfHSyzDsJJi3ciO0oVTii02Dua0EkD9h2ErFEizPptAvwWa8lx+TewwX20sOWVv7Z6CiaAk8r9soUA==$rYNeY9qDBDA0OdGKpje5jg==Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMT
Source: global traffic HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 19 Apr 2024 10:27:08 GMTContent-Type: text/html; charset=UTF-8Content-Length: 16629Connection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Frame-Options: SAMEORIGINcf-mitigated: challengecf-chl-out: 3vKsvcd+LqC1OabqMPqq8tQ3WUiAHGAEJKEWX6C2KwEfTCPVNdzFdT3UQoMxn0SJLYFq7Fs+6uwu4Sz/wBeD8Zm1rXGXR2bxWC5sfQIK0kBtmiwVZSVWRjKTgFGLb1pynynAofFVITgZhuMJVTP79g==$tcXqsmrB+Cl3H/54NkV9qg==Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Expires: Thu, 01 Jan 1970 00:00:01 GMT
Source: global traffic HTTP traffic detected: HTTP/1.1 503 Service UnavailableDate: Fri, 19 Apr 2024 10:27:08 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeSet-Cookie: cf_chl_3=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.home3220ic223s2nl2.ru; SecureSet-Cookie: cf_clearance=_.QeSIOyfr.efKWvaBtUVfJhCAXqrpmqT9hP72moKuY-1713522409-1.0.1.1-ww5iPDbGzQ7rQDmDGGR8rsYZEpMORRw2t7rFYdWn3VZ1iuptoqyEJSHToq4Y8Ns_VRy7AYUOGKzEpLA.ZDh6ag; path=/; expires=Sat, 19-Apr-25 10:27:08 GMT; domain=.home3220ic223s2nl2.ru; HttpOnly; Secure; SameSite=NoneX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockSet-Cookie: -mmuEXLC8zvM5lNj42zNiwppaOI=LRwytl7I0AYc8IFTGfJg_Xv-U6U; path=/; expires=Sat, 20-Apr-24 10:27:07 GMT; Max-Age=86400;Set-Cookie: y9FKhln6lHyDAY9S9slU1IjX8AI=1713522427; path=/; expires=Sat, 20-Apr-24 10:27:07 GMT; Max-Age=86400;Set-Cookie: lxT7siI_enPlGu3lQNPJe40c9oY=1713608827; path=/; expires=Sat, 20-Apr-24 10:27:07 GMT; Max-Age=86400;Set-Cookie: EV8S1ic7LIv62LwWawziLsw4gRc=zn0p-Ojoh-hqFL3nz9AGS-F30WQ; path=/; expires=Sat, 20-Apr-24 10:27:07 GMT; Max-Age=86400;X-Frame-Options: SAMEORIGINCache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheExpires: 0CF-Cache-Status: DYNAMIC
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 19 Apr 2024 10:27:10 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtLEhuw7lNlWNHbQvgM3nMk%2FMv0AFF3Yhw0jpIFGCkm6FmxnsVGFr3ePZD3F1WT%2BNMkzDa%2BWU9jPHeHwCqWLl1kQGL5qYLbE6h1xwWrj2xnbnu9cMwoZAgSLlI5zyG%2BCFSnVQ4Uv2jQ%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 876c3350decdb0bb-ATLalt-svc: h3=":443"; ma=86400
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 19 Apr 2024 10:27:10 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: MISSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MfihiE1siwAHTdxYtUtskAWAkdYUNdkXSQ1hkYUucx5brjiuiGyJdtTqsmXXh%2FRQXjLVXSotmCVQ3nEe38TBcA7uASlywtWOHJzSToiDZ2wTLuJeFTX5zQLgiBXprayAHRFsJAHtWEY%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 876c33577833b050-ATLalt-svc: h3=":443"; ma=86400
Source: classification engine Classification label: clean0.win@20/16@16/8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2028,i,2498440743626686221,15363801811470681751,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://home3220ic223s2nl2.ru/ics/sca-app/543244home"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected