Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://falic.co/office/office_cookies/main/

Overview

General Information

Sample URL:https://falic.co/office/office_cookies/main/
Analysis ID:1431875
Infos:

Detection

Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
HTML page contains hidden URLs or javascript code
Stores files to the Windows start menu directory
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 5608 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6412 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2032,i,17566053712304001285,8018078620139082274,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 3572 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://falic.co/office/office_cookies/main/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: https://falic.co/office/office_cookies/main/Avira URL Cloud: detection malicious, Label: phishing
Antivirus detection for URL or domain
Source: https://falic.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.jsAvira URL Cloud: Label: phishing
Source: https://falic.co/cdn-cgi/challenge-platform/scripts/jsd/main.jsAvira URL Cloud: Label: phishing
Source: https://falic.co/cdn-cgi/challenge-platform/h/b/jsd/r/87a10a3c8fc0b030Avira URL Cloud: Label: phishing
Source: https://falic.co/cdn-cgi/challenge-platform/h/b/jsd/r/87a10a459b23b0ebAvira URL Cloud: Label: phishing
Source: https://falic.co/favicon.icoAvira URL Cloud: Label: phishing
Source: https://falic.co/office/office_cookies/main/HTTP Parser: Base64 decoded: (function(){ var a = function() {try{return !!window.addEventListener} catch(e) {return !1} }, b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)}; b(functi...
Source: https://falic.co/office/office_cookies/main/HTTP Parser: No favicon
Source: https://falic.co/office/office_cookies/main/HTTP Parser: No favicon
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49732 version: TLS 1.0
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49732 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /office/office_cookies/main/ HTTP/1.1Host: falic.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: falic.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://falic.co/office/office_cookies/main/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: falic.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
Source: global trafficHTTP traffic detected: GET /office/office_cookies/main/ HTTP/1.1Host: falic.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://falic.co/office/office_cookies/main/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1Host: falic.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: falic.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://falic.co/office/office_cookies/main/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/jsd/r/87a10a459b23b0eb HTTP/1.1Host: falic.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc; cf_clearance=aIyHUJryvFqka_D8f.F5bX7JtZhUjV22VWIXtzWTk3I-1714076494-1.0.1.1-vNec5bZ12lys936Bwa6GmIBC7GDgSc_ZagoEx6x86DVuLhAbSe9aLcErRp7Eurc1TdEG48Gzjp.EzKtOLaHbbg
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficDNS traffic detected: DNS query: falic.co
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /office/office_cookies/main/ HTTP/1.1Host: falic.coConnection: keep-aliveContent-Length: 22sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-TimeStamp-Expire: sec-ch-ua-mobile: ?0X-Requested-TimeStamp-Combination: X-Requested-Type-Combination: GETq9MD7iQpZPpiUrqXMIj8kCxLmA: 44282448Content-type: application/x-www-form-urlencodedX-Requested-Type: GETUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Requested-with: XMLHttpRequestX-Requested-TimeStamp: sec-ch-ua-platform: "Windows"Accept: */*Origin: https://falic.coSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://falic.co/office/office_cookies/main/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableDate: Thu, 25 Apr 2024 20:21:32 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockSet-Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;Set-Cookie: mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;Set-Cookie: NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;Set-Cookie: g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;X-Frame-Options: SAMEORIGINCache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheExpires: 0CF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFFASDBpHmhfGN3NbIyDxTVPVXDIPtvHeA8VkJVRIlit6p1PbHeryyivCSLtyMKkXsT%2FTcC5CEKvvBupt%2BiMeJ6At8X8FdAGzMMXs16hsh27Fy5N7Erv2nRQug%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a10a3c8fc0b030-ATLalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableDate: Thu, 25 Apr 2024 20:21:33 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0Pragma: no-cacheX-Frame-Options: SAMEORIGINExpires: 0CF-Cache-Status: BYPASSSet-Cookie: l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;Set-Cookie: U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;Set-Cookie: VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;Set-Cookie: 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLjsC9KXY9kR%2BruZ75vZT%2FYL4lDzdD89bVPX3NC3GXiXFs6j4uEa6bJARbx03y7hdG9Kv%2FlSh%2FQCeCQ9L2HctTecWnFUPT9t67AU%2BohASNJG5l4EbSeLKtpTxA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a10a42498678d1-ATLalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 20:21:34 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nuleg8CnEiQlz7VDWXMTsrpVix9dtm%2BwI6XvHvOlO4Zq0jaHa7jMCYhnpkI11TmmMLBlboQYSAAtjYMAsZgk%2BTQ7GE9at7G4rKvuJuiGFh9U%2FsDe08Y3qquXTQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a10a459b23b0eb-ATLalt-svc: h3=":443"; ma=86400
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 25 Apr 2024 20:21:35 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: MISSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFIx3oF1nDYgZKuYpNzotlq2D6h5AouYjGeTsKlEEEzVkwFQB325IlLOVY8oNvvSRwRqLHAjh38qS3x5Zr1IrHcp%2FXvIIo6EZUyYPMEQWnTEw%2Foz%2F%2FoIYXhIwg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 87a10a4cc806b08d-ATLalt-svc: h3=":443"; ma=86400
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: classification engineClassification label: mal56.win@16/12@10/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2032,i,17566053712304001285,8018078620139082274,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://falic.co/office/office_cookies/main/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2032,i,17566053712304001285,8018078620139082274,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://falic.co/office/office_cookies/main/100%Avira URL Cloudphishing

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://falic.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js100%Avira URL Cloudphishing
https://falic.co/cdn-cgi/challenge-platform/scripts/jsd/main.js100%Avira URL Cloudphishing
https://falic.co/cdn-cgi/challenge-platform/h/b/jsd/r/87a10a3c8fc0b030100%Avira URL Cloudphishing
https://falic.co/cdn-cgi/challenge-platform/h/b/jsd/r/87a10a459b23b0eb100%Avira URL Cloudphishing
https://falic.co/favicon.ico100%Avira URL Cloudphishing
about:blank0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
a.nel.cloudflare.com
35.190.80.1
truefalse
    		high
    www.google.com
    		64.233.177.104
    		truefalse
      		high
      falic.co
      		172.67.212.156
      		truefalse
        		unknown
        fp2e7a.wpc.phicdn.net
        		192.229.211.108
        		truefalse
          		unknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://falic.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.jsfalse
          • Avira URL Cloud: phishing
          		unknown
          https://falic.co/cdn-cgi/challenge-platform/h/b/jsd/r/87a10a459b23b0ebfalse
          • Avira URL Cloud: phishing
          		unknown
          https://falic.co/favicon.icofalse
          • Avira URL Cloud: phishing
          		unknown
          https://falic.co/office/office_cookies/main/true
            		unknown
            about:blankfalse
            • Avira URL Cloud: safe
            		low
            https://falic.co/cdn-cgi/challenge-platform/h/b/jsd/r/87a10a3c8fc0b030false
            • Avira URL Cloud: phishing
            		unknown
            https://a.nel.cloudflare.com/report/v4?s=XFIx3oF1nDYgZKuYpNzotlq2D6h5AouYjGeTsKlEEEzVkwFQB325IlLOVY8oNvvSRwRqLHAjh38qS3x5Zr1IrHcp%2FXvIIo6EZUyYPMEQWnTEw%2Foz%2F%2FoIYXhIwg%3D%3Dfalse
              		high
              https://falic.co/cdn-cgi/challenge-platform/scripts/jsd/main.jsfalse
              • Avira URL Cloud: phishing
              		unknown
              https://a.nel.cloudflare.com/report/v4?s=yFFASDBpHmhfGN3NbIyDxTVPVXDIPtvHeA8VkJVRIlit6p1PbHeryyivCSLtyMKkXsT%2FTcC5CEKvvBupt%2BiMeJ6At8X8FdAGzMMXs16hsh27Fy5N7Erv2nRQug%3D%3Dfalse
                		high

                World Map of Contacted IPs

                • No. of IPs < 25%
                • 25% < No. of IPs < 50%
                • 50% < No. of IPs < 75%
                • 75% < No. of IPs

                Public IPs

                IPDomainCountryFlagASNASN NameMalicious
                64.233.177.104
                		www.google.comUnited States
                		15169GOOGLEUSfalse
                239.255.255.250
                		unknownReserved
                		unknownunknownfalse
                35.190.80.1
                		a.nel.cloudflare.comUnited States
                		15169GOOGLEUSfalse
                172.67.212.156
                		falic.coUnited States
                		13335CLOUDFLARENETUSfalse

                Private

                IP
                192.168.2.5

                General Information

                Joe Sandbox version:40.0.0 Tourmaline
                Analysis ID:1431875
                Start date and time:2024-04-25 22:20:35 +02:00
                Joe Sandbox product:CloudBasic
                Overall analysis duration:0h 3m 15s
                Hypervisor based Inspection enabled:false
                Report type:full
                Cookbook file name:browseurl.jbs
                Sample URL:https://falic.co/office/office_cookies/main/
                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                Number of analysed new started processes analysed:7
                Number of new started drivers analysed:0
                Number of existing processes analysed:0
                Number of existing drivers analysed:0
                Number of injected processes analysed:0
                Technologies:
                • HCA enabled
                • EGA enabled
                • AMSI enabled
                Analysis Mode:default
                Analysis stop reason:Timeout
                Detection:MAL
                Classification:mal56.win@16/12@10/5
                EGA Information:Failed
                HCA Information:
                • Successful, ratio: 100%
                • Number of executed functions: 0
                • Number of non-executed functions: 0

                Warnings

                • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                • Excluded IPs from analysis (whitelisted): 173.194.219.94, 108.177.122.84, 74.125.136.100, 74.125.136.113, 74.125.136.138, 74.125.136.139, 74.125.136.101, 74.125.136.102, 34.104.35.123, 40.127.169.103, 23.40.205.73, 23.40.205.26, 192.229.211.108, 13.85.23.206, 142.250.9.94, 72.21.81.240
                • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, wu-bg-shim.trafficmanager.net, wu.azureedge.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, update.googleapis.com, hlb.apr-52dd2-0.edgecastdns.net, clients.l.google.com, glb.sls.prod.dcat.dsp.trafficmanager.net
                • Not all processes where analyzed, report is missing behavior information
                • Report size getting too big, too many NtSetInformationFile calls found.
                • VT rate limit hit for: https://falic.co/office/office_cookies/main/

                Simulations

                Behavior and APIs

                No simulations

                Joe Sandbox View / Context

                IPs

                No context

                Domains

                No context

                ASNs

                No context

                JA3 Fingerprints

                No context

                Dropped Files

                No context

                Created / dropped Files

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:21:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2677
                Entropy (8bit):3.9857331379230883
                Encrypted:false
                SSDEEP:48:84dkTIw4H0idAKZdA19ehwiZUklqehSy+3:8TPP1y
                MD5:84098390023F5CC8A98C6D81FD9A8CCC
                SHA1:3B44AB1139A9EF7AE09097ABE7AFCF793D49E9F8
                SHA-256:BA6BDA1B292113569E1433F3B1A8144357FB1D96349BAADECE2A3CF7CA9439F7
                SHA-512:7C80FD1301C6F127DADEE6280A20B65A25058562A56EBD7FE82F1D4DBEFBAAB31026895719D3D848F4A6A68E29A74388115C0C593D7316D813B394948C99928E
                Malicious:false
                Reputation:low
                Preview:L..................F.@.. ...$+.,....]AI)N...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........F.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:21:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2679
                Entropy (8bit):4.000670080339762
                Encrypted:false
                SSDEEP:48:8ydkTIw4H0idAKZdA1weh/iZUkAQkqehly+2:89P19Q4y
                MD5:A897834D213CB108A62064F7CC0CC130
                SHA1:352363F2D7ADA5FA6CF3AAEB10F8D2C843F84D39
                SHA-256:E03403BC2CB2F855FC47E7269607B05B877DD23077AAD3034E5BF9549EE6D9F8
                SHA-512:103918E7F6DA81CDB4A3F72C7C510ABC62A929B4612A0F16A5FB36157C7BFAF9555D5D683E9F8831B76185B50A28FAC61DE244937518A5A45B72516399125038
                Malicious:false
                Reputation:low
                Preview:L..................F.@.. ...$+.,....K+;)N...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........F.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2693
                Entropy (8bit):4.011645399793277
                Encrypted:false
                SSDEEP:48:8xRdkTIwsH0idAKZdA14tseh7sFiZUkmgqeh7sry+BX:8xQPZnpy
                MD5:D70BD5C8F3DFBD1B2A07D1DF098AF1C9
                SHA1:FAABE96125A6763BC2324EBCE16EAB802663771C
                SHA-256:C7510089CB621A88872DA1D7846624B0CD25C63D295A2276E2A7216B3788D39B
                SHA-512:FA03B91560579633665F9FE8DCCB44646C0A789AC3AE8529B526E55B6D8E2A565812D78D2A2B766F32E77CC9308C74DEC3334748C31D3F7CC20BC4CA23BC69B0
                Malicious:false
                Reputation:low
                Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........F.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:21:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2681
                Entropy (8bit):3.9977277453632163
                Encrypted:false
                SSDEEP:48:8bdkTIw4H0idAKZdA1vehDiZUkwqehRy+R:8qPWTy
                MD5:99257AFA0CA078E226721770AC23A607
                SHA1:B0A4D3F6105829EA1C99D2C00D7398F0D7DD5E4A
                SHA-256:825EE94D9A614D5768D7AD5BBCF6ECC9B1D577BBFC026A9FCAA7EA48399203A6
                SHA-512:28F3513C1F0890310A74E973C2ED1FF3FE2A681EED72FE9B42B5546B91AE42D20FB3A3292955A5D752B9F038A8CD9A3CF5429619E4AAF36788DC936B61C531B4
                Malicious:false
                Reputation:low
                Preview:L..................F.@.. ...$+.,....fx4)N...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........F.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:21:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2681
                Entropy (8bit):3.9899323305270094
                Encrypted:false
                SSDEEP:48:8LdkTIw4H0idAKZdA1hehBiZUk1W1qehfy+C:8aP29/y
                MD5:2A8B37A67207E899F964C58D9AC93072
                SHA1:4F615775A2B552F6F3E43E89FF5A6103F0419CD3
                SHA-256:AD35C9E51840435040645001B23FEBBBB1DF117BB87D8D7936CFF5A5DC4DEE8B
                SHA-512:DC2350CCBF1D71BEBE047209F9156FABAF792FF29431F0A769F1C9A1E5332A60C818301720695BC8507D28DE1110B7F17F4200E484FB7A418D6CCF2002BD7DD6
                Malicious:false
                Reputation:low
                Preview:L..................F.@.. ...$+.,......C)N...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........F.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Apr 25 19:21:31 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                Category:dropped
                Size (bytes):2683
                Entropy (8bit):3.998875160924357
                Encrypted:false
                SSDEEP:48:8RedkTIw4H0idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbpy+yT+:8RRPIT/TbxWOvTbpy7T
                MD5:A68D9AAA2CD2B217858BE3203927D887
                SHA1:61CF6C9F73451D6EBE75251A85CEA1240851386C
                SHA-256:3FA37EBCFBDAC2AAE9B6AB6A2E4C8BD911BEC15F5C63FDC93956EACBF8B6F927
                SHA-512:763739773ACC8635E25854B4B63A4D02781C7AE09F213C1AC5078C0462CADB1036EBE4D85FCAF85A7A4040FADCEB9F9F4631018D210BE7929B107756C94AEF01
                Malicious:false
                Reputation:low
                Preview:L..................F.@.. ...$+.,....0.,)N...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........F.......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                Chrome Cache Entry: 61

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text, with very long lines (1375), with no line terminators
                Category:downloaded
                Size (bytes):1375
                Entropy (8bit):5.266163160824535
                Encrypted:false
                SSDEEP:24:kTeRH8eVxvrCJjsuRpRGB6zuDAJSa7egRWgzQunfvJVu3iPCMgsygDKGRWKMSoI0:8eFj/e5dIDqS/gwyPX7VqrsyEKGwKKI0
                MD5:AD0416C60D2DB119D797066DDF5513A8
                SHA1:547A2B7DCFDA2F3F9B02BD1C51F9942C1BDEF952
                SHA-256:499DF08A39F5B0AF2B68E98147F9DF819E8A6D50F8F7AC612BC50622704EF88A
                SHA-512:41F032DE0590C3A26A0D17AEBE8154501C2AB2D56DD85C2A463D91680D844D78B46C9A00008151E8A83CB1BE8A41BA6B7CE996261F08E5A6F3A333D6FB05B9FD
                Malicious:false
                Reputation:low
                URL:https://falic.co/office/office_cookies/main/
                Preview:<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><script>(function(){if (!document.body) return;var js = "window['__CF$cv$params']={r:'87a10a459b23b0eb',t:'MTcxNDA3NjQ5NC4yMTYwMDA='};_cpo=document.createElement('script');_cpo.nonce='',_cpo.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js',document.getElementsByTagName('head')[0].appendChild(_cpo);";var _0xh = document.createElement('iframe');_0xh.height = 1;_0xh.width = 1;_0xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.createElement('script');_0xj.innerHTML = js;_0xi.getElementsByTagName('head')[0].appendChild(_0xj);}}i

                Chrome Cache Entry: 62

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:HTML document, ASCII text, with no line terminators
                Category:downloaded
                Size (bytes):257
                Entropy (8bit):4.6486758631726115
                Encrypted:false
                SSDEEP:6:qzxUkObRHX96vetlSwzRx3G0CezoJTEHcLgabVvjsKtgsg93wzR1D:kxReRHkvetQwzRxGez7fCJjsKtgizR1D
                MD5:6147CA10712E483B5EE714D29C21E439
                SHA1:7BFFD4014EFE0ACE62D03599877153159E2A01B6
                SHA-256:E5128B5E331CAD19DF2F67041FFC85BF716D6E6106DEA098C37524593FB268E9
                SHA-512:B3381EFE8B9D07D1F27174E70813AF2E8FBFCAC00E0F5D197121F20E81DE7B2B271264CB07B332A82118F636917CA30A4CDD568BF97B83B29DFCBACC58F8C928
                Malicious:false
                Reputation:low
                URL:https://falic.co/favicon.ico
                Preview:<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body></html>

                Chrome Cache Entry: 63

                Download File
                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                File Type:ASCII text, with very long lines (7907), with no line terminators
                Category:downloaded
                Size (bytes):7907
                Entropy (8bit):5.760802925386411
                Encrypted:false
                SSDEEP:192:a4NO1OnhTZExbrV+hqSxlZpXCXZsJxRn6V2:a4NOeTZExbrVMlxnpSXZux5h
                MD5:F3D00F233D0191D63991519A81B18B24
                SHA1:451AF0E07AAB87BFAB132742130DE3CA85C78C4F
                SHA-256:6817117B0AA4A506C9312282E84B285A1B3F4C313E198CAFDBC1BD600C15566F
                SHA-512:A96CC27FE7596D77F9FDDB0E255B4BADA31D74714EE28778E8DCD1D60E0AA88DA51C72D795BA1A3B60AFE03B3F8C79990BC26EBC77007884456CB4A4A2DCD308
                Malicious:false
                Reputation:low
                URL:https://falic.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
                Preview:window._cf_chl_opt={cFPWv:'b'};~function(V,g,h,i,j,n,o,A){V=b,function(d,e,U,f,C){for(U=b,f=d();!![];)try{if(C=parseInt(U(431))/1*(parseInt(U(471))/2)+parseInt(U(474))/3+-parseInt(U(430))/4*(-parseInt(U(424))/5)+-parseInt(U(426))/6*(-parseInt(U(498))/7)+parseInt(U(418))/8*(parseInt(U(454))/9)+parseInt(U(447))/10+parseInt(U(479))/11*(-parseInt(U(481))/12),e===C)break;else f.push(f.shift())}catch(D){f.push(f.shift())}}(a,107584),g=this||self,h=g[V(482)],i={},i[V(459)]='o',i[V(472)]='s',i[V(487)]='u',i[V(509)]='z',i[V(492)]='n',i[V(445)]='I',j=i,g[V(504)]=function(C,D,E,F,a0,H,I,J,K,L,M){if(a0=V,null===D||void 0===D)return F;for(H=m(D),C[a0(515)][a0(461)]&&(H=H[a0(412)](C[a0(515)][a0(461)](D))),H=C[a0(505)][a0(460)]&&C[a0(442)]?C[a0(505)][a0(460)](new C[(a0(442))](H)):function(N,a1,O){for(a1=a0,N[a1(448)](),O=0;O<N[a1(503)];N[O+1]===N[O]?N[a1(513)](O+1,1):O+=1);return N}(H),I='nAsAaAb'.split('A'),I=I[a0(490)][a0(508)](I),J=0;J<H[a0(503)];K=H[J],L=l(C,D,K),I(L)?(M=L==='s'&&!C[a0(467)](D[K]

                Static File Info

                No static file info

                Network Behavior

                Network Port Distribution

                TCP Packets

                TimestampSource PortDest PortSource IPDest IP
                Apr 25, 2024 22:21:25.442948103 CEST49675443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:25.442954063 CEST49674443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:25.567939043 CEST49673443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:31.805836916 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:31.805927038 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:31.806108952 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:31.806231976 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:31.806266069 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:31.806322098 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:31.806453943 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:31.806485891 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:31.806682110 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:31.806694031 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.037951946 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.038213968 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.038223028 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.039124012 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.039196014 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.040235043 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.040246010 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.040311098 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.040493965 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.040532112 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.040585041 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.040592909 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.043988943 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.044131994 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.044361115 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.044454098 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.128696918 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.236757040 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.236818075 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.344352007 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.609200954 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.609242916 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.609281063 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.609302044 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.609312057 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.609344959 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.609348059 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.609355927 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.609390020 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.609952927 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.610011101 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.610055923 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.629412889 CEST49711443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.629437923 CEST44349711172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.703720093 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.715481043 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.715507030 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.715593100 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.715898037 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.715910912 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.716407061 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.716473103 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.716542959 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.716856956 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.716878891 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.724324942 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:32.724355936 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:32.724425077 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:32.724598885 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:32.724615097 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:32.748126030 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.952208996 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.952625036 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.952651978 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.953062057 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.953391075 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.953452110 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.953536987 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.955111027 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.956120014 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.956195116 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.956599951 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.957094908 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.957176924 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:32.957195997 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:32.957247019 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:32.957420111 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:32.957442999 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:32.959150076 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:32.959222078 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:32.960192919 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:32.960299015 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:32.960396051 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:32.960403919 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:32.996114969 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.000138998 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.003489017 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.003604889 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.202959061 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.203047991 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.203262091 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.203489065 CEST49714443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.203505993 CEST4434971435.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.204066992 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.204102039 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.204184055 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.204466105 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.204478025 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.224744081 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.224827051 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.224881887 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.227870941 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.228018999 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.228072882 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.231868982 CEST49710443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.231887102 CEST44349710172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.247013092 CEST49713443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.247021914 CEST44349713172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.249285936 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.249320030 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.249377012 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.249721050 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.249749899 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.249799967 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.250030994 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.250047922 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.250415087 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.250430107 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.431463957 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.463304043 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.463325977 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.463860989 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.465306044 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.465388060 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.465967894 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.484854937 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.485589027 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.485600948 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.485992908 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.487325907 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.488467932 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.488539934 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.489012003 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.489028931 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.489456892 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.490199089 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.491302967 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.491475105 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.491559982 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.508120060 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.523099899 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.523128033 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.523168087 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.523183107 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.523211002 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.523231983 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.523241997 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.523253918 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.523443937 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.523488045 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.532119989 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.532128096 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.534573078 CEST49712443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.534584999 CEST44349712172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.683192015 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.683265924 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.683317900 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.684228897 CEST49718443192.168.2.535.190.80.1
                Apr 25, 2024 22:21:33.684245110 CEST4434971835.190.80.1192.168.2.5
                Apr 25, 2024 22:21:33.754359961 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.754504919 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.754554987 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.754578114 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.754728079 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.754776001 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.754785061 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.754898071 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.754946947 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.754954100 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.755237103 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.755286932 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.756210089 CEST49719443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.756222963 CEST44349719172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.870978117 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.871058941 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:33.871144056 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.871718884 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:33.871747017 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.103851080 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.104124069 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.104180098 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.104794979 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.105137110 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.105259895 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.105386019 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.105458021 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.105495930 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.105551004 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.148159981 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.270375967 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.270445108 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.270505905 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.270617008 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.270617008 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.271311998 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.271326065 CEST44349720172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.271338940 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.271385908 CEST49720443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.275098085 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.275242090 CEST44349721172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.275332928 CEST49721443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.395137072 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.395160913 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.395231009 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.395780087 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.395790100 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.405066967 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.405117989 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.405179977 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.405360937 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.405376911 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.633532047 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.633795977 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.633806944 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.635282040 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.635346889 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.635695934 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.635793924 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.636013031 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.636018991 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.636179924 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.636215925 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.637542963 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.637864113 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.637897968 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.638242006 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.638529062 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.638586998 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.638648987 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.669419050 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:34.669451952 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:34.669507980 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:34.669698000 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:34.669711113 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:34.682708025 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.682775974 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.888715029 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.888887882 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.888952971 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.890053988 CEST49722443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:34.890068054 CEST44349722172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:34.898330927 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:34.898890018 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:34.898924112 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:34.899921894 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:34.899986982 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:34.900998116 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:34.901058912 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:34.940721035 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:34.940747023 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:35.000972986 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:35.047852039 CEST49675443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:35.047873020 CEST49674443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:35.056729078 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.056842089 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.056896925 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.057773113 CEST49723443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.057800055 CEST44349723172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.080663919 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.080715895 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.080785036 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.080996037 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.081007004 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.172875881 CEST49673443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:35.316493988 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.316888094 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.316922903 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.320818901 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.320893049 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.321415901 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.321547985 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.321553946 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.321696043 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.351824999 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.351877928 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.351943016 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.354393959 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.354409933 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.376029968 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.376055956 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.422861099 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.581669092 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.581773043 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.584594965 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.584609985 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.584884882 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.594031096 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.594100952 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.594177961 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.594716072 CEST49725443192.168.2.5172.67.212.156
                Apr 25, 2024 22:21:35.594743013 CEST44349725172.67.212.156192.168.2.5
                Apr 25, 2024 22:21:35.626018047 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.626776934 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.672121048 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.795139074 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.795211077 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.795277119 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.795396090 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.795432091 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.795473099 CEST49726443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.795480013 CEST44349726184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.833456039 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.833503962 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:35.833600044 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.833949089 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:35.833962917 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.057972908 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.058048010 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:36.061955929 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:36.061978102 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.062314034 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.064044952 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:36.108115911 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.276812077 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.276969910 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.277040958 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:36.277863026 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:36.277889967 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.277924061 CEST49727443192.168.2.5184.31.62.93
                Apr 25, 2024 22:21:36.277936935 CEST44349727184.31.62.93192.168.2.5
                Apr 25, 2024 22:21:36.710753918 CEST4434970323.1.237.91192.168.2.5
                Apr 25, 2024 22:21:36.712322950 CEST49703443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:44.892981052 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:44.893079042 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:44.893131018 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:46.589329958 CEST49703443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:46.589632034 CEST49703443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:46.590513945 CEST49732443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:46.590532064 CEST4434973223.1.237.91192.168.2.5
                Apr 25, 2024 22:21:46.590732098 CEST49732443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:46.591046095 CEST49732443192.168.2.523.1.237.91
                Apr 25, 2024 22:21:46.591054916 CEST4434973223.1.237.91192.168.2.5
                Apr 25, 2024 22:21:46.746843100 CEST4434970323.1.237.91192.168.2.5
                Apr 25, 2024 22:21:46.746912956 CEST4434970323.1.237.91192.168.2.5
                Apr 25, 2024 22:21:46.769454956 CEST49724443192.168.2.564.233.177.104
                Apr 25, 2024 22:21:46.769493103 CEST4434972464.233.177.104192.168.2.5
                Apr 25, 2024 22:21:46.918263912 CEST4434973223.1.237.91192.168.2.5
                Apr 25, 2024 22:21:46.918385029 CEST49732443192.168.2.523.1.237.91
                Apr 25, 2024 22:22:06.078779936 CEST4434973223.1.237.91192.168.2.5
                Apr 25, 2024 22:22:06.078974009 CEST49732443192.168.2.523.1.237.91
                Apr 25, 2024 22:22:32.613919973 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.613962889 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.614072084 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.614517927 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.614531040 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.725040913 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.725084066 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.725176096 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.725363016 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.725373983 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.841082096 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.841367960 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.841432095 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.841928005 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.842250109 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.842363119 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.842372894 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.884162903 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.891911983 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.954469919 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.954752922 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.954782963 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.958332062 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.958394051 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.958755016 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.958874941 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:32.958882093 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:32.958928108 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.001267910 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.001286030 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.048137903 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.088782072 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.088969946 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.089041948 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.089088917 CEST4434973735.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.089117050 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.089220047 CEST49737443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.089643955 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.089723110 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.089931011 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.090132952 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.090164900 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.200803995 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.200998068 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.201061010 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.201272964 CEST49738443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.201291084 CEST4434973835.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.202132940 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.202167034 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.202238083 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.202769041 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.202788115 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.320020914 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.323379040 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.323409081 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.324549913 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.325448990 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.325623989 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.325712919 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.325823069 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.325874090 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.435741901 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.436089993 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.436113119 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.437310934 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.437696934 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.437870979 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.437968969 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.484112978 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.569360018 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.569546938 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.569727898 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.579339027 CEST49739443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.579364061 CEST4434973935.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.683506966 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.683763027 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.683795929 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:33.683829069 CEST4434974035.190.80.1192.168.2.5
                Apr 25, 2024 22:22:33.683839083 CEST49740443192.168.2.535.190.80.1
                Apr 25, 2024 22:22:34.611931086 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:34.611974001 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:34.612129927 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:34.612359047 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:34.612376928 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:34.843451977 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:34.843678951 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:34.843699932 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:34.844161987 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:34.844436884 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:34.844515085 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:34.891880035 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:44.843767881 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:44.843905926 CEST4434974164.233.177.104192.168.2.5
                Apr 25, 2024 22:22:44.846507072 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:46.785497904 CEST49741443192.168.2.564.233.177.104
                Apr 25, 2024 22:22:46.785523891 CEST4434974164.233.177.104192.168.2.5

                UDP Packets

                TimestampSource PortDest PortSource IPDest IP
                Apr 25, 2024 22:21:30.349236965 CEST53649581.1.1.1192.168.2.5
                Apr 25, 2024 22:21:30.463392019 CEST53597981.1.1.1192.168.2.5
                Apr 25, 2024 22:21:31.106334925 CEST53634851.1.1.1192.168.2.5
                Apr 25, 2024 22:21:31.663157940 CEST5378953192.168.2.51.1.1.1
                Apr 25, 2024 22:21:31.663302898 CEST4970453192.168.2.51.1.1.1
                Apr 25, 2024 22:21:31.803513050 CEST53497041.1.1.1192.168.2.5
                Apr 25, 2024 22:21:31.804955959 CEST53537891.1.1.1192.168.2.5
                Apr 25, 2024 22:21:32.611424923 CEST5431553192.168.2.51.1.1.1
                Apr 25, 2024 22:21:32.611623049 CEST6200553192.168.2.51.1.1.1
                Apr 25, 2024 22:21:32.721956968 CEST53543151.1.1.1192.168.2.5
                Apr 25, 2024 22:21:32.722453117 CEST53620051.1.1.1192.168.2.5
                Apr 25, 2024 22:21:34.558504105 CEST6419453192.168.2.51.1.1.1
                Apr 25, 2024 22:21:34.558669090 CEST4963153192.168.2.51.1.1.1
                Apr 25, 2024 22:21:34.668521881 CEST53496311.1.1.1192.168.2.5
                Apr 25, 2024 22:21:34.668590069 CEST53641941.1.1.1192.168.2.5
                Apr 25, 2024 22:21:34.933059931 CEST6172753192.168.2.51.1.1.1
                Apr 25, 2024 22:21:34.933208942 CEST6540253192.168.2.51.1.1.1
                Apr 25, 2024 22:21:35.047055960 CEST53654021.1.1.1192.168.2.5
                Apr 25, 2024 22:21:35.080166101 CEST53617271.1.1.1192.168.2.5
                Apr 25, 2024 22:21:48.185441017 CEST53589811.1.1.1192.168.2.5
                Apr 25, 2024 22:22:07.197252989 CEST53535051.1.1.1192.168.2.5
                Apr 25, 2024 22:22:30.237632036 CEST53565861.1.1.1192.168.2.5
                Apr 25, 2024 22:22:30.304364920 CEST53645841.1.1.1192.168.2.5
                Apr 25, 2024 22:22:32.612755060 CEST6461553192.168.2.51.1.1.1
                Apr 25, 2024 22:22:32.613251925 CEST4919153192.168.2.51.1.1.1
                Apr 25, 2024 22:22:32.723941088 CEST53646151.1.1.1192.168.2.5
                Apr 25, 2024 22:22:32.724529028 CEST53491911.1.1.1192.168.2.5

                DNS Queries

                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                Apr 25, 2024 22:21:31.663157940 CEST192.168.2.51.1.1.10xdcf3Standard query (0)falic.coA (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:31.663302898 CEST192.168.2.51.1.1.10xc9d9Standard query (0)falic.co65IN (0x0001)false
                Apr 25, 2024 22:21:32.611424923 CEST192.168.2.51.1.1.10x36bcStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:32.611623049 CEST192.168.2.51.1.1.10x9f32Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
                Apr 25, 2024 22:21:34.558504105 CEST192.168.2.51.1.1.10xb55bStandard query (0)www.google.comA (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.558669090 CEST192.168.2.51.1.1.10xcb43Standard query (0)www.google.com65IN (0x0001)false
                Apr 25, 2024 22:21:34.933059931 CEST192.168.2.51.1.1.10x5f47Standard query (0)falic.coA (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.933208942 CEST192.168.2.51.1.1.10x36e3Standard query (0)falic.co65IN (0x0001)false
                Apr 25, 2024 22:22:32.612755060 CEST192.168.2.51.1.1.10xdf00Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
                Apr 25, 2024 22:22:32.613251925 CEST192.168.2.51.1.1.10xcf63Standard query (0)a.nel.cloudflare.com65IN (0x0001)false

                DNS Answers

                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                Apr 25, 2024 22:21:31.803513050 CEST1.1.1.1192.168.2.50xc9d9No error (0)falic.co65IN (0x0001)false
                Apr 25, 2024 22:21:31.804955959 CEST1.1.1.1192.168.2.50xdcf3No error (0)falic.co172.67.212.156A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:31.804955959 CEST1.1.1.1192.168.2.50xdcf3No error (0)falic.co104.21.59.39A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:32.721956968 CEST1.1.1.1192.168.2.50x36bcNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.668521881 CEST1.1.1.1192.168.2.50xcb43No error (0)www.google.com65IN (0x0001)false
                Apr 25, 2024 22:21:34.668590069 CEST1.1.1.1192.168.2.50xb55bNo error (0)www.google.com64.233.177.104A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.668590069 CEST1.1.1.1192.168.2.50xb55bNo error (0)www.google.com64.233.177.147A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.668590069 CEST1.1.1.1192.168.2.50xb55bNo error (0)www.google.com64.233.177.106A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.668590069 CEST1.1.1.1192.168.2.50xb55bNo error (0)www.google.com64.233.177.105A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.668590069 CEST1.1.1.1192.168.2.50xb55bNo error (0)www.google.com64.233.177.103A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:34.668590069 CEST1.1.1.1192.168.2.50xb55bNo error (0)www.google.com64.233.177.99A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:35.047055960 CEST1.1.1.1192.168.2.50x36e3No error (0)falic.co65IN (0x0001)false
                Apr 25, 2024 22:21:35.080166101 CEST1.1.1.1192.168.2.50x5f47No error (0)falic.co172.67.212.156A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:35.080166101 CEST1.1.1.1192.168.2.50x5f47No error (0)falic.co104.21.59.39A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:46.344249964 CEST1.1.1.1192.168.2.50x3fNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                Apr 25, 2024 22:21:46.344249964 CEST1.1.1.1192.168.2.50x3fNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                Apr 25, 2024 22:21:59.554306030 CEST1.1.1.1192.168.2.50x1b7fNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                Apr 25, 2024 22:21:59.554306030 CEST1.1.1.1192.168.2.50x1b7fNo error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                Apr 25, 2024 22:22:22.302752018 CEST1.1.1.1192.168.2.50x4346No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                Apr 25, 2024 22:22:22.302752018 CEST1.1.1.1192.168.2.50x4346No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                Apr 25, 2024 22:22:32.723941088 CEST1.1.1.1192.168.2.50xdf00No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
                Apr 25, 2024 22:22:43.129812956 CEST1.1.1.1192.168.2.50xeaf9No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                Apr 25, 2024 22:22:43.129812956 CEST1.1.1.1192.168.2.50xeaf9No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false

                HTTP Request Dependency Graph

                • falic.co
                • https:
                • a.nel.cloudflare.com
                • fs.microsoft.com

                HTTPS Proxied Packets

                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                0192.168.2.549711172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:32 UTC678OUTGET /office/office_cookies/main/ HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: navigate
                Sec-Fetch-User: ?1
                Sec-Fetch-Dest: document
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2024-04-25 20:21:32 UTC1357INHTTP/1.1 503 Service Unavailable
                Date: Thu, 25 Apr 2024 20:21:32 GMT
                Content-Type: text/html; charset=utf-8
                Transfer-Encoding: chunked
                Connection: close
                X-Content-Type-Options: nosniff
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                X-XSS-Protection: 1; mode=block
                Set-Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;
                Set-Cookie: mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;
                Set-Cookie: NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;
                Set-Cookie: g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; path=/; expires=Fri, 26-Apr-24 20:21:29 GMT; Max-Age=86400;
                X-Frame-Options: SAMEORIGIN
                Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                Pragma: no-cache
                Expires: 0
                CF-Cache-Status: DYNAMIC
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFFASDBpHmhfGN3NbIyDxTVPVXDIPtvHeA8VkJVRIlit6p1PbHeryyivCSLtyMKkXsT%2FTcC5CEKvvBupt%2BiMeJ6At8X8FdAGzMMXs16hsh27Fy5N7Erv2nRQug%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a3c8fc0b030-ATL
                alt-svc: h3=":443"; ma=86400
                2024-04-25 20:21:32 UTC12INData Raw: 31 64 62 33 0d 0a 3c 21 44 4f 43 54
                Data Ascii: 1db3<!DOCT
                2024-04-25 20:21:32 UTC1369INData Raw: 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78
                Data Ascii: YPE html><html><head><meta charset="utf-8" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" /><meta name="viewport" content="width=device-width, initial-scale=1, max
                2024-04-25 20:21:32 UTC1369INData Raw: 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 76 4c 32 70 68 64 6d 46 7a 59 33 4a 70 63 48 51 67 63 48 56 36 65 6d 78 6c 49 47 5a 76 63 69 42 69 63 6d 39 33 63 32 56 79 49 48 52 76 49 47 5a 70 5a 33 56 79 5a 53 42 76 64 58 51 67 64 47 38 67 5a 32 56 30 49 47 46 75 63 33 64 6c 63 67 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 70 5a 69 67 68 64 32 6c 75 5a 47 39 33 4c 6c 39 77 61 47 46 75 64 47 39 74 49 48 78 38 49 43 46 33 61 57 35 6b 62 33 63 75 59 32 46 73 62 46 42 6f 59 57 35 30 62 32 30 70 65 79 38 71 63 47 68 68 62 6e 52 76 62 57 70 7a 4b 69 38 4b 61 57 59 6f 49 58 64 70 62 6d 52 76 64 79 35 66 58 33 42 6f 59 57 35 30 62 32 31 68 63 79 6c 37 4c 79 70 77 61 47 46 75 64 47 39 74 59
                Data Ascii: AgICAgICAgICAgICAgICAvL2phdmFzY3JpcHQgcHV6emxlIGZvciBicm93c2VyIHRvIGZpZ3VyZSBvdXQgdG8gZ2V0IGFuc3dlcgogICAgICAgICAgICAgICAgICAgICAgICBpZighd2luZG93Ll9waGFudG9tIHx8ICF3aW5kb3cuY2FsbFBoYW50b20pey8qcGhhbnRvbWpzKi8KaWYoIXdpbmRvdy5fX3BoYW50b21hcyl7LypwaGFudG9tY
                2024-04-25 20:21:32 UTC1369INData Raw: 67 49 43 41 76 4c 32 56 75 5a 43 42 71 59 58 5a 68 63 32 4e 79 61 58 42 30 49 48 42 31 65 6e 70 73 5a 51 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 32 59 58 49 67 65 47 68 30 64 48 41 67 50 53 42 75 5a 58 63 67 57 45 31 4d 53 48 52 30 63 46 4a 6c 63 58 56 6c 63 33 51 6f 4b 54 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 65 47 68 30 64 48 41 75 62 32 35 79 5a 57 46 6b 65 58 4e 30 59 58 52 6c 59 32 68 68 62 6d 64 6c 49 44 30 67 5a 6e 56 75 59 33 52 70 62 32 34 6f 4b 53 42 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 61 57 59 67 4b 48 68 6f 64 48 52 77 4c 6e
                Data Ascii: gICAvL2VuZCBqYXZhc2NyaXB0IHB1enpsZQogICAgICAgICAgICAgICAgICAgICAgICB2YXIgeGh0dHAgPSBuZXcgWE1MSHR0cFJlcXVlc3QoKTsKICAgICAgICAgICAgICAgICAgICAgICAgeGh0dHAub25yZWFkeXN0YXRlY2hhbmdlID0gZnVuY3Rpb24oKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHhodHRwLn
                2024-04-25 20:21:32 UTC1369INData Raw: 49 48 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 33 61 57 35 6b 62 33 63 75 62 47 39 6a 59 58 52 70 62 32 34 75 63 6d 56 73 62 32 46 6b 4b 43 6b 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 39 43 6e 30 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 39 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 48 30 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41
                Data Ascii: IHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB3aW5kb3cubG9jYXRpb24ucmVsb2FkKCk7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9Cn0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgIH07CiAgICAgICAgICAgICA
                2024-04-25 20:21:32 UTC1369INData Raw: 6e 64 70 5a 48 52 6f 4f 77 70 7a 61 43 41 39 49 48 4e 6a 63 6d 56 6c 62 69 35 6f 5a 57 6c 6e 61 48 51 37 43 6e 64 33 49 44 30 67 64 32 6c 75 5a 47 39 33 4c 6d 6c 75 62 6d 56 79 56 32 6c 6b 64 47 67 67 66 48 77 67 5a 47 39 6a 64 57 31 6c 62 6e 51 75 5a 47 39 6a 64 57 31 6c 62 6e 52 46 62 47 56 74 5a 57 35 30 4c 6d 4e 73 61 57 56 75 64 46 64 70 5a 48 52 6f 49 48 78 38 49 47 52 76 59 33 56 74 5a 57 35 30 4c 6d 4a 76 5a 48 6b 75 59 32 78 70 5a 57 35 30 56 32 6c 6b 64 47 67 67 66 48 77 67 4d 44 73 4b 64 32 67 67 50 53 42 33 61 57 35 6b 62 33 63 75 61 57 35 75 5a 58 4a 49 5a 57 6c 6e 61 48 51 67 66 48 77 67 5a 47 39 6a 64 57 31 6c 62 6e 51 75 5a 47 39 6a 64 57 31 6c 62 6e 52 46 62 47 56 74 5a 57 35 30 4c 6d 4e 73 61 57 56 75 64 45 68 6c 61 57 64 6f 64 43 42 38
                Data Ascii: ndpZHRoOwpzaCA9IHNjcmVlbi5oZWlnaHQ7Cnd3ID0gd2luZG93LmlubmVyV2lkdGggfHwgZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LmNsaWVudFdpZHRoIHx8IGRvY3VtZW50LmJvZHkuY2xpZW50V2lkdGggfHwgMDsKd2ggPSB3aW5kb3cuaW5uZXJIZWlnaHQgfHwgZG9jdW1lbnQuZG9jdW1lbnRFbGVtZW50LmNsaWVudEhlaWdodCB8
                2024-04-25 20:21:32 UTC754INData Raw: 78 68 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 20 3d 20 27 61 62 73 6f 6c 75 74 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 20 3d 20 27 6e 6f 6e 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 20 3d 20 27 68 69 64 64 65 6e 27 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 5f 30 78 68 29 3b 66 75 6e 63 74 69 6f 6e 20 68 61 6e 64 6c 65 72 28 29 20 7b 76 61 72 20 5f 30 78 69 20 3d 20 5f 30 78 68 2e 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 20 7c 7c 20 5f 30 78 68 2e 63 6f 6e 74 65 6e 74 57 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 3b 69 66 20 28 5f 30 78 69 29 20
                Data Ascii: xh.style.position = 'absolute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi)
                2024-04-25 20:21:32 UTC5INData Raw: 30 0d 0a 0d 0a
                Data Ascii: 0


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                1192.168.2.549710172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:32 UTC1130OUTPOST /office/office_cookies/main/ HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                Content-Length: 22
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                X-Requested-TimeStamp-Expire:
                sec-ch-ua-mobile: ?0
                X-Requested-TimeStamp-Combination:
                X-Requested-Type-Combination: GET
                q9MD7iQpZPpiUrqXMIj8kCxLmA: 44282448
                Content-type: application/x-www-form-urlencoded
                X-Requested-Type: GET
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                X-Requested-with: XMLHttpRequest
                X-Requested-TimeStamp:
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Origin: https://falic.co
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: empty
                Referer: https://falic.co/office/office_cookies/main/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
                2024-04-25 20:21:32 UTC22OUTData Raw: 6e 61 6d 65 31 3d 48 65 6e 72 79 26 6e 61 6d 65 32 3d 46 6f 72 64
                Data Ascii: name1=Henry&name2=Ford
                2024-04-25 20:21:33 UTC1278INHTTP/1.1 204 No Content
                Date: Thu, 25 Apr 2024 20:21:33 GMT
                Connection: close
                X-Content-Type-Options: nosniff
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                X-XSS-Protection: 1; mode=block
                Set-Cookie: l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                Set-Cookie: U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                Set-Cookie: VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                Set-Cookie: 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                X-Frame-Options: SAMEORIGIN
                Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                Pragma: no-cache
                Expires: 0
                CF-Cache-Status: DYNAMIC
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZW7vMTxDPkEi5qXofDqSkGWbnu3T2I%2FfLcacpneeG8N3AiAB3F8nl33NB8U10ntqwZYGjX783grdB6MP9hxA2YACR4U0kTR6o0NL3uqJ93uebqcop9Z1r0UAfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a3fcfc1454b-ATL
                alt-svc: h3=":443"; ma=86400


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                2192.168.2.549712172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:32 UTC858OUTGET /favicon.ico HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://falic.co/office/office_cookies/main/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
                2024-04-25 20:21:33 UTC1362INHTTP/1.1 503 Service Unavailable
                Date: Thu, 25 Apr 2024 20:21:33 GMT
                Content-Type: text/html; charset=utf-8
                Transfer-Encoding: chunked
                Connection: close
                X-Content-Type-Options: nosniff
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                X-XSS-Protection: 1; mode=block
                Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                Pragma: no-cache
                X-Frame-Options: SAMEORIGIN
                Expires: 0
                CF-Cache-Status: BYPASS
                Set-Cookie: l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                Set-Cookie: U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                Set-Cookie: VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                Set-Cookie: 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc; path=/; expires=Fri, 26-Apr-24 20:21:33 GMT; Max-Age=86400;
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLjsC9KXY9kR%2BruZ75vZT%2FYL4lDzdD89bVPX3NC3GXiXFs6j4uEa6bJARbx03y7hdG9Kv%2FlSh%2FQCeCQ9L2HctTecWnFUPT9t67AU%2BohASNJG5l4EbSeLKtpTxA%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a42498678d1-ATL
                alt-svc: h3=":443"; ma=86400
                2024-04-25 20:21:33 UTC7INData Raw: 31 39 33 39 0d 0a 3c
                Data Ascii: 1939<
                2024-04-25 20:21:33 UTC1369INData Raw: 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31
                Data Ascii: !DOCTYPE html><html><head><meta charset="utf-8" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" /><meta name="viewport" content="width=device-width, initial-scale=1
                2024-04-25 20:21:33 UTC1369INData Raw: 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 76 4c 32 70 68 64 6d 46 7a 59 33 4a 70 63 48 51 67 63 48 56 36 65 6d 78 6c 49 47 5a 76 63 69 42 69 63 6d 39 33 63 32 56 79 49 48 52 76 49 47 5a 70 5a 33 56 79 5a 53 42 76 64 58 51 67 64 47 38 67 5a 32 56 30 49 47 46 75 63 33 64 6c 63 67 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 70 5a 69 67 68 64 32 6c 75 5a 47 39 33 4c 6c 39 77 61 47 46 75 64 47 39 74 49 48 78 38 49 43 46 33 61 57 35 6b 62 33 63 75 59 32 46 73 62 46 42 6f 59 57 35 30 62 32 30 70 65 79 38 71 63 47 68 68 62 6e 52 76 62 57 70 7a 4b 69 38 4b 61 57 59 6f 49 58 64 70 62 6d 52 76 64 79 35 66 58 33 42 6f 59 57 35 30 62 32 31 68 63 79 6c 37 4c 79 70 77 61 47 46 75
                Data Ascii: CAgICAgICAgICAgICAgICAgICAvL2phdmFzY3JpcHQgcHV6emxlIGZvciBicm93c2VyIHRvIGZpZ3VyZSBvdXQgdG8gZ2V0IGFuc3dlcgogICAgICAgICAgICAgICAgICAgICAgICBpZighd2luZG93Ll9waGFudG9tIHx8ICF3aW5kb3cuY2FsbFBoYW50b20pey8qcGhhbnRvbWpzKi8KaWYoIXdpbmRvdy5fX3BoYW50b21hcyl7LypwaGFu
                2024-04-25 20:21:33 UTC1369INData Raw: 41 67 49 43 41 67 4c 79 39 6c 62 6d 51 67 61 6d 46 32 59 58 4e 6a 63 6d 6c 77 64 43 42 77 64 58 70 36 62 47 55 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 64 6d 46 79 49 48 68 6f 64 48 52 77 49 44 30 67 62 6d 56 33 49 46 68 4e 54 45 68 30 64 48 42 53 5a 58 46 31 5a 58 4e 30 4b 43 6b 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 48 68 6f 64 48 52 77 4c 6d 39 75 63 6d 56 68 5a 48 6c 7a 64 47 46 30 5a 57 4e 6f 59 57 35 6e 5a 53 41 39 49 47 5a 31 62 6d 4e 30 61 57 39 75 4b 43 6b 67 65 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 47 6c 6d 49 43 68 34 61 48 52 30 63
                Data Ascii: AgICAgLy9lbmQgamF2YXNjcmlwdCBwdXp6bGUKICAgICAgICAgICAgICAgICAgICAgICAgdmFyIHhodHRwID0gbmV3IFhNTEh0dHBSZXF1ZXN0KCk7CiAgICAgICAgICAgICAgICAgICAgICAgIHhodHRwLm9ucmVhZHlzdGF0ZWNoYW5nZSA9IGZ1bmN0aW9uKCkgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGlmICh4aHR0c
                2024-04-25 20:21:33 UTC1369INData Raw: 7a 5a 53 42 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 64 32 6c 75 5a 47 39 33 4c 6d 78 76 59 32 46 30 61 57 39 75 4c 6e 4a 6c 62 47 39 68 5a 43 67 70 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 66 51 70 39 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 66 51 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 39 4f 77 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43
                Data Ascii: zZSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgd2luZG93LmxvY2F0aW9uLnJlbG9hZCgpOwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQp9CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgICAgICB9OwogICAgICAgICAgIC
                2024-04-25 20:21:33 UTC982INData Raw: 5a 57 34 75 61 47 56 70 5a 32 68 30 4f 77 70 33 64 79 41 39 49 48 64 70 62 6d 52 76 64 79 35 70 62 6d 35 6c 63 6c 64 70 5a 48 52 6f 49 48 78 38 49 47 52 76 59 33 56 74 5a 57 35 30 4c 6d 52 76 59 33 56 74 5a 57 35 30 52 57 78 6c 62 57 56 75 64 43 35 6a 62 47 6c 6c 62 6e 52 58 61 57 52 30 61 43 42 38 66 43 42 6b 62 32 4e 31 62 57 56 75 64 43 35 69 62 32 52 35 4c 6d 4e 73 61 57 56 75 64 46 64 70 5a 48 52 6f 49 48 78 38 49 44 41 37 43 6e 64 6f 49 44 30 67 64 32 6c 75 5a 47 39 33 4c 6d 6c 75 62 6d 56 79 53 47 56 70 5a 32 68 30 49 48 78 38 49 47 52 76 59 33 56 74 5a 57 35 30 4c 6d 52 76 59 33 56 74 5a 57 35 30 52 57 78 6c 62 57 56 75 64 43 35 6a 62 47 6c 6c 62 6e 52 49 5a 57 6c 6e 61 48 51 67 66 48 77 67 5a 47 39 6a 64 57 31 6c 62 6e 51 75 59 6d 39 6b 65 53 35
                Data Ascii: ZW4uaGVpZ2h0Owp3dyA9IHdpbmRvdy5pbm5lcldpZHRoIHx8IGRvY3VtZW50LmRvY3VtZW50RWxlbWVudC5jbGllbnRXaWR0aCB8fCBkb2N1bWVudC5ib2R5LmNsaWVudFdpZHRoIHx8IDA7CndoID0gd2luZG93LmlubmVySGVpZ2h0IHx8IGRvY3VtZW50LmRvY3VtZW50RWxlbWVudC5jbGllbnRIZWlnaHQgfHwgZG9jdW1lbnQuYm9keS5
                2024-04-25 20:21:33 UTC5INData Raw: 30 0d 0a 0d 0a
                Data Ascii: 0


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                3192.168.2.549713172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:32 UTC778OUTGET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: script
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM
                2024-04-25 20:21:33 UTC638INHTTP/1.1 302 Found
                Date: Thu, 25 Apr 2024 20:21:33 GMT
                Content-Length: 0
                Connection: close
                access-control-allow-origin: *
                cache-control: max-age=300, public
                location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oECRiguLJP5QhaMVxw6SZkyiiIFqCK2J97yNL%2FM0YhBCa1bfb0lKPr2jCYHuG3FDWBX0LZKPq79cAQO9LBPI%2BFz3s2cwyDWlH7iU0poIjOGm94XxIGTk2ECUPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a424c34adc9-ATL
                alt-svc: h3=":443"; ma=86400


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                4192.168.2.54971435.190.80.14436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:32 UTC521OUTOPTIONS /report/v4?s=yFFASDBpHmhfGN3NbIyDxTVPVXDIPtvHeA8VkJVRIlit6p1PbHeryyivCSLtyMKkXsT%2FTcC5CEKvvBupt%2BiMeJ6At8X8FdAGzMMXs16hsh27Fy5N7Erv2nRQug%3D%3D HTTP/1.1
                Host: a.nel.cloudflare.com
                Connection: keep-alive
                Origin: https://falic.co
                Access-Control-Request-Method: POST
                Access-Control-Request-Headers: content-type
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2024-04-25 20:21:33 UTC336INHTTP/1.1 200 OK
                Content-Length: 0
                access-control-max-age: 86400
                access-control-allow-methods: OPTIONS, POST
                access-control-allow-origin: *
                access-control-allow-headers: content-length, content-type
                date: Thu, 25 Apr 2024 20:21:32 GMT
                Via: 1.1 google
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                Connection: close


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                5192.168.2.54971835.190.80.14436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:33 UTC470OUTPOST /report/v4?s=yFFASDBpHmhfGN3NbIyDxTVPVXDIPtvHeA8VkJVRIlit6p1PbHeryyivCSLtyMKkXsT%2FTcC5CEKvvBupt%2BiMeJ6At8X8FdAGzMMXs16hsh27Fy5N7Erv2nRQug%3D%3D HTTP/1.1
                Host: a.nel.cloudflare.com
                Connection: keep-alive
                Content-Length: 406
                Content-Type: application/reports+json
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2024-04-25 20:21:33 UTC406OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 39 33 39 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 32 31 32 2e 31 35 36 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 35 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 61 6c 69 63 2e 63 6f 2f 6f 66 66 69 63 65
                Data Ascii: [{"age":0,"body":{"elapsed_time":939,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.67.212.156","status_code":503,"type":"http.error"},"type":"network-error","url":"https://falic.co/office
                2024-04-25 20:21:33 UTC168INHTTP/1.1 200 OK
                Content-Length: 0
                date: Thu, 25 Apr 2024 20:21:33 GMT
                Via: 1.1 google
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                Connection: close


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                6192.168.2.549720172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:33 UTC1116OUTGET /office/office_cookies/main/ HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                sec-ch-ua-platform: "Windows"
                Upgrade-Insecure-Requests: 1
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: navigate
                Sec-Fetch-Dest: document
                Referer: https://falic.co/office/office_cookies/main/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
                2024-04-25 20:21:34 UTC715INHTTP/1.1 404 Not Found
                Date: Thu, 25 Apr 2024 20:21:34 GMT
                Content-Type: text/html
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                X-Content-Type-Options: nosniff
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                X-XSS-Protection: 1; mode=block
                CF-Cache-Status: DYNAMIC
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nuleg8CnEiQlz7VDWXMTsrpVix9dtm%2BwI6XvHvOlO4Zq0jaHa7jMCYhnpkI11TmmMLBlboQYSAAtjYMAsZgk%2BTQ7GE9at7G4rKvuJuiGFh9U%2FsDe08Y3qquXTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a459b23b0eb-ATL
                alt-svc: h3=":443"; ma=86400
                2024-04-25 20:21:34 UTC654INData Raw: 35 35 66 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 3c 73 63 72 69 70 74
                Data Ascii: 55f<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><script
                2024-04-25 20:21:34 UTC728INData Raw: 73 6f 6c 75 74 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 30 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 20 3d 20 27 6e 6f 6e 65 27 3b 5f 30 78 68 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 20 3d 20 27 68 69 64 64 65 6e 27 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 5f 30 78 68 29 3b 66 75 6e 63 74 69 6f 6e 20 68 61 6e 64 6c 65 72 28 29 20 7b 76 61 72 20 5f 30 78 69 20 3d 20 5f 30 78 68 2e 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 20 7c 7c 20 5f 30 78 68 2e 63 6f 6e 74 65 6e 74 57 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 3b 69 66 20 28 5f 30 78 69 29 20 7b 76 61 72 20 5f 30 78 6a 20 3d 20 5f 30 78 69 2e 63 72 65 61 74 65
                Data Ascii: solute';_0xh.style.top = 0;_0xh.style.left = 0;_0xh.style.border = 'none';_0xh.style.visibility = 'hidden';document.body.appendChild(_0xh);function handler() {var _0xi = _0xh.contentDocument || _0xh.contentWindow.document;if (_0xi) {var _0xj = _0xi.create
                2024-04-25 20:21:34 UTC5INData Raw: 30 0d 0a 0d 0a
                Data Ascii: 0


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                7192.168.2.549719172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:33 UTC932OUTGET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: */*
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: script
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
                2024-04-25 20:21:33 UTC645INHTTP/1.1 200 OK
                Date: Thu, 25 Apr 2024 20:21:33 GMT
                Content-Type: application/javascript; charset=UTF-8
                Transfer-Encoding: chunked
                Connection: close
                cache-control: max-age=14400, public
                vary: accept-encoding
                x-content-type-options: nosniff
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7U4G6MgFSXnF20HbjGr3l8GihWZRVYwNWy00Tyhz1QuC0dAqBVKDhmH6AYcC2HhxZdDacxKNWUDiBe2lZuJRSK7Fox76RVFmLSA8tECxGvzPmoawocXt1u%2BLw%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a459a6eb0d3-ATL
                alt-svc: h3=":443"; ma=86400
                2024-04-25 20:21:33 UTC724INData Raw: 31 65 65 33 0d 0a 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 3d 7b 63 46 50 57 76 3a 27 62 27 7d 3b 7e 66 75 6e 63 74 69 6f 6e 28 56 2c 67 2c 68 2c 69 2c 6a 2c 6e 2c 6f 2c 41 29 7b 56 3d 62 2c 66 75 6e 63 74 69 6f 6e 28 64 2c 65 2c 55 2c 66 2c 43 29 7b 66 6f 72 28 55 3d 62 2c 66 3d 64 28 29 3b 21 21 5b 5d 3b 29 74 72 79 7b 69 66 28 43 3d 70 61 72 73 65 49 6e 74 28 55 28 34 33 31 29 29 2f 31 2a 28 70 61 72 73 65 49 6e 74 28 55 28 34 37 31 29 29 2f 32 29 2b 70 61 72 73 65 49 6e 74 28 55 28 34 37 34 29 29 2f 33 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 34 33 30 29 29 2f 34 2a 28 2d 70 61 72 73 65 49 6e 74 28 55 28 34 32 34 29 29 2f 35 29 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 34 32 36 29 29 2f 36 2a 28 2d 70 61 72 73 65 49 6e 74 28 55 28 34 39 38 29
                Data Ascii: 1ee3window._cf_chl_opt={cFPWv:'b'};~function(V,g,h,i,j,n,o,A){V=b,function(d,e,U,f,C){for(U=b,f=d();!![];)try{if(C=parseInt(U(431))/1*(parseInt(U(471))/2)+parseInt(U(474))/3+-parseInt(U(430))/4*(-parseInt(U(424))/5)+-parseInt(U(426))/6*(-parseInt(U(498)
                2024-04-25 20:21:33 UTC1369INData Raw: 36 30 29 5d 26 26 43 5b 61 30 28 34 34 32 29 5d 3f 43 5b 61 30 28 35 30 35 29 5d 5b 61 30 28 34 36 30 29 5d 28 6e 65 77 20 43 5b 28 61 30 28 34 34 32 29 29 5d 28 48 29 29 3a 66 75 6e 63 74 69 6f 6e 28 4e 2c 61 31 2c 4f 29 7b 66 6f 72 28 61 31 3d 61 30 2c 4e 5b 61 31 28 34 34 38 29 5d 28 29 2c 4f 3d 30 3b 4f 3c 4e 5b 61 31 28 35 30 33 29 5d 3b 4e 5b 4f 2b 31 5d 3d 3d 3d 4e 5b 4f 5d 3f 4e 5b 61 31 28 35 31 33 29 5d 28 4f 2b 31 2c 31 29 3a 4f 2b 3d 31 29 3b 72 65 74 75 72 6e 20 4e 7d 28 48 29 2c 49 3d 27 6e 41 73 41 61 41 62 27 2e 73 70 6c 69 74 28 27 41 27 29 2c 49 3d 49 5b 61 30 28 34 39 30 29 5d 5b 61 30 28 35 30 38 29 5d 28 49 29 2c 4a 3d 30 3b 4a 3c 48 5b 61 30 28 35 30 33 29 5d 3b 4b 3d 48 5b 4a 5d 2c 4c 3d 6c 28 43 2c 44 2c 4b 29 2c 49 28 4c 29 3f 28
                Data Ascii: 60)]&&C[a0(442)]?C[a0(505)][a0(460)](new C[(a0(442))](H)):function(N,a1,O){for(a1=a0,N[a1(448)](),O=0;O<N[a1(503)];N[O+1]===N[O]?N[a1(513)](O+1,1):O+=1);return N}(H),I='nAsAaAb'.split('A'),I=I[a0(490)][a0(508)](I),J=0;J<H[a0(503)];K=H[J],L=l(C,D,K),I(L)?(
                2024-04-25 20:21:33 UTC1369INData Raw: 4e 5b 61 61 28 34 32 31 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3e 3e 3d 31 2c 47 2b 2b 29 3b 7d 65 6c 73 65 7b 66 6f 72 28 54 3d 31 2c 47 3d 30 3b 47 3c 4d 3b 4f 3d 4f 3c 3c 31 7c 54 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 61 61 28 34 32 31 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3d 30 2c 47 2b 2b 29 3b 66 6f 72 28 54 3d 4a 5b 61 61 28 34 36 35 29 5d 28 30 29 2c 47 3d 30 3b 31 36 3e 47 3b 4f 3d 4f 3c 3c 31 2e 34 31 7c 54 26 31 2e 31 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 61 61 28 34 32 31 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3e 3e 3d 31 2c 47 2b 2b 29 3b 7d 4b 2d 2d 2c 4b 3d 3d 30 26 26 28 4b 3d 4d 61 74 68 5b 61 61 28 34 31 35 29 5d 28 32 2c 4d 29 2c 4d 2b 2b 29 2c 64 65 6c 65 74 65 20 49
                Data Ascii: N[aa(421)](F(O)),O=0):P++,T>>=1,G++);}else{for(T=1,G=0;G<M;O=O<<1|T,P==E-1?(P=0,N[aa(421)](F(O)),O=0):P++,T=0,G++);for(T=J[aa(465)](0),G=0;16>G;O=O<<1.41|T&1.1,P==E-1?(P=0,N[aa(421)](F(O)),O=0):P++,T>>=1,G++);}K--,K==0&&(K=Math[aa(415)](2,M),M++),delete I
                2024-04-25 20:21:33 UTC1369INData Raw: 28 32 2c 32 29 2c 4d 3d 31 3b 4d 21 3d 52 3b 53 3d 4e 26 4f 2c 4f 3e 3e 3d 31 2c 30 3d 3d 4f 26 26 28 4f 3d 45 2c 4e 3d 46 28 50 2b 2b 29 29 2c 51 7c 3d 4d 2a 28 30 3c 53 3f 31 3a 30 29 2c 4d 3c 3c 3d 31 29 3b 73 77 69 74 63 68 28 51 29 7b 63 61 73 65 20 30 3a 66 6f 72 28 51 3d 30 2c 52 3d 4d 61 74 68 5b 61 64 28 34 31 35 29 5d 28 32 2c 38 29 2c 4d 3d 31 3b 4d 21 3d 52 3b 53 3d 4f 26 4e 2c 4f 3e 3e 3d 31 2c 30 3d 3d 4f 26 26 28 4f 3d 45 2c 4e 3d 46 28 50 2b 2b 29 29 2c 51 7c 3d 4d 2a 28 30 3c 53 3f 31 3a 30 29 2c 4d 3c 3c 3d 31 29 3b 54 3d 65 28 51 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 31 3a 66 6f 72 28 51 3d 30 2c 52 3d 4d 61 74 68 5b 61 64 28 34 31 35 29 5d 28 32 2c 31 36 29 2c 4d 3d 31 3b 4d 21 3d 52 3b 53 3d 4e 26 4f 2c 4f 3e 3e 3d 31 2c 30 3d 3d 4f
                Data Ascii: (2,2),M=1;M!=R;S=N&O,O>>=1,0==O&&(O=E,N=F(P++)),Q|=M*(0<S?1:0),M<<=1);switch(Q){case 0:for(Q=0,R=Math[ad(415)](2,8),M=1;M!=R;S=O&N,O>>=1,0==O&&(O=E,N=F(P++)),Q|=M*(0<S?1:0),M<<=1);T=e(Q);break;case 1:for(Q=0,R=Math[ad(415)](2,16),M=1;M!=R;S=N&O,O>>=1,0==O
                2024-04-25 20:21:33 UTC1369INData Raw: 29 2b 4a 53 4f 4e 5b 61 37 28 34 34 30 29 5d 28 43 29 5d 5b 61 37 28 35 31 30 29 5d 28 61 37 28 34 38 38 29 29 3b 74 72 79 7b 69 66 28 45 3d 67 5b 61 37 28 34 37 35 29 5d 2c 46 3d 61 37 28 34 33 36 29 2b 67 5b 61 37 28 34 31 33 29 5d 5b 61 37 28 34 33 33 29 5d 2b 61 37 28 34 38 34 29 2b 31 2b 61 37 28 34 33 34 29 2b 45 2e 72 2b 61 37 28 34 37 30 29 2c 47 3d 6e 65 77 20 67 5b 28 61 37 28 34 34 33 29 29 5d 28 29 2c 21 47 29 72 65 74 75 72 6e 3b 48 3d 61 37 28 34 33 32 29 2c 47 5b 61 37 28 34 35 37 29 5d 28 48 2c 46 2c 21 21 5b 5d 29 2c 47 5b 61 37 28 34 34 39 29 5d 3d 32 35 30 30 2c 47 5b 61 37 28 34 33 39 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 47 5b 61 37 28 34 38 33 29 5d 28 61 37 28 34 39 39 29 2c 61 37 28 34 31 36 29 29 2c 49 3d 7b 7d 2c 49 5b
                Data Ascii: )+JSON[a7(440)](C)][a7(510)](a7(488));try{if(E=g[a7(475)],F=a7(436)+g[a7(413)][a7(433)]+a7(484)+1+a7(434)+E.r+a7(470),G=new g[(a7(443))](),!G)return;H=a7(432),G[a7(457)](H,F,!![]),G[a7(449)]=2500,G[a7(439)]=function(){},G[a7(483)](a7(499),a7(416)),I={},I[
                2024-04-25 20:21:33 UTC1369INData Raw: 31 62 4b 6b 6a 78 4f 49 57 33 6d 58 4c 55 32 72 77 51 46 2d 36 54 68 2c 52 62 49 4f 2c 72 65 61 64 79 53 74 61 74 65 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 73 6f 6e 2c 63 6f 6e 74 65 6e 74 57 69 6e 64 6f 77 2c 32 31 73 54 4b 6a 6d 75 2c 43 6f 6e 74 65 6e 74 2d 74 79 70 65 2c 63 61 6c 6c 2c 30 2e 34 36 35 34 37 35 37 36 34 33 32 37 36 39 30 39 34 3a 31 37 31 34 30 37 33 30 38 31 3a 58 35 58 4e 34 33 6b 45 52 30 6b 4e 52 30 59 64 6d 50 44 6b 6d 78 70 6c 48 56 34 49 31 46 70 52 67 70 32 33 6b 6a 6b 35 58 36 51 2c 66 6c 6f 6f 72 2c 6c 65 6e 67 74 68 2c 48 6d 46 6d 45 71 31 2c 41 72 72 61 79 2c 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 2c 63 68 61 72 41 74 2c 62 69 6e 64 2c 73 79 6d 62 6f 6c 2c 6a 6f 69 6e 2c 69 73 41 72 72 61 79 2c 66 75 6e 63 74 69 6f
                Data Ascii: 1bKkjxOIW3mXLU2rwQF-6Th,RbIO,readyState,application/json,contentWindow,21sTKjmu,Content-type,call,0.46547576432769094:1714073081:X5XN43kER0kNR0YdmPDkmxplHV4I1FpRgp23kjk5X6Q,floor,length,HmFmEq1,Array,contentDocument,charAt,bind,symbol,join,isArray,functio
                2024-04-25 20:21:33 UTC346INData Raw: 61 35 28 35 30 32 29 5d 28 44 61 74 65 5b 61 35 28 34 32 38 29 5d 28 29 2f 31 65 33 29 2c 43 2d 66 3e 65 29 29 72 65 74 75 72 6e 21 5b 5d 3b 72 65 74 75 72 6e 21 21 5b 5d 7d 66 75 6e 63 74 69 6f 6e 20 6c 28 65 2c 43 2c 44 2c 58 2c 45 29 7b 58 3d 56 3b 74 72 79 7b 72 65 74 75 72 6e 20 43 5b 44 5d 5b 58 28 34 34 36 29 5d 28 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 2c 27 70 27 7d 63 61 74 63 68 28 46 29 7b 7d 74 72 79 7b 69 66 28 43 5b 44 5d 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 43 5b 44 5d 3d 3d 3d 76 6f 69 64 20 30 3f 27 75 27 3a 27 78 27 7d 63 61 74 63 68 28 47 29 7b 72 65 74 75 72 6e 27 69 27 7d 72 65 74 75 72 6e 20 65 5b 58 28 35 30 35 29 5d 5b 58 28 35 31 31 29 5d 28 43 5b 44 5d 29 3f 27 61 27 3a 43 5b 44 5d 3d 3d 3d 65 5b 58 28 35 30 35 29 5d 3f 27
                Data Ascii: a5(502)](Date[a5(428)]()/1e3),C-f>e))return![];return!![]}function l(e,C,D,X,E){X=V;try{return C[D][X(446)](function(){}),'p'}catch(F){}try{if(C[D]==null)return C[D]===void 0?'u':'x'}catch(G){return'i'}return e[X(505)][X(511)](C[D])?'a':C[D]===e[X(505)]?'
                2024-04-25 20:21:33 UTC5INData Raw: 30 0d 0a 0d 0a
                Data Ascii: 0


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                8192.168.2.549721172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:34 UTC1000OUTPOST /cdn-cgi/challenge-platform/h/b/jsd/r/87a10a3c8fc0b030 HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                Content-Length: 15786
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-platform: "Windows"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Content-Type: application/json
                Accept: */*
                Origin: https://falic.co
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: empty
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
                2024-04-25 20:21:34 UTC15786OUTData Raw: 7b 22 77 70 22 3a 22 4e 32 37 4d 39 75 70 73 39 4a 37 39 79 50 38 70 4c 70 33 43 74 4d 75 49 43 34 47 43 59 57 59 53 53 75 73 70 58 64 43 71 6d 49 55 6d 45 37 43 63 71 46 7a 38 6d 4a 70 61 43 79 4c 37 69 4b 32 32 43 34 76 53 43 52 43 53 49 53 37 70 43 41 53 70 6f 38 2d 4d 76 4a 32 6a 78 30 4d 71 6d 24 32 47 34 6b 61 33 50 69 48 4d 6f 24 39 5a 47 72 70 6b 64 71 76 59 43 39 37 37 56 59 63 75 6a 4b 43 44 69 4b 45 67 6a 43 67 4d 50 63 43 75 5a 37 43 59 4d 75 75 4d 24 79 4d 59 43 70 6d 43 74 4a 65 43 70 72 6a 43 35 77 73 34 69 32 46 70 34 76 4b 37 43 75 77 6a 43 75 38 7a 74 43 7a 75 43 70 6a 41 45 4f 37 30 61 47 49 75 69 75 70 67 6f 47 32 64 39 24 36 6e 67 71 43 57 4d 75 59 51 6c 32 43 73 65 32 6d 50 45 71 2b 41 69 43 7a 6e 67 76 24 57 34 4d 43 4f 76 57 45 59
                Data Ascii: {"wp":"N27M9ups9J79yP8pLp3CtMuIC4GCYWYSSuspXdCqmIUmE7CcqFz8mJpaCyL7iK22C4vSCRCSIS7pCASpo8-MvJ2jx0Mqm$2G4ka3PiHMo$9ZGrpkdqvYC977VYcujKCDiKEgjCgMPcCuZ7CYMuuM$yMYCpmCtJeCprjC5ws4i2Fp4vK7CuwjCu8ztCzuCpjAEO70aGIuiupgoG2d9$6ngqCWMuYQl2Cse2mPEq+AiCzngv$W4MCOvWEY


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                9192.168.2.549722172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:34 UTC1000OUTPOST /cdn-cgi/challenge-platform/h/b/jsd/r/87a10a459b23b0eb HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                Content-Length: 15788
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-platform: "Windows"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Content-Type: application/json
                Accept: */*
                Origin: https://falic.co
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: empty
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
                2024-04-25 20:21:34 UTC15788OUTData Raw: 7b 22 77 70 22 3a 22 4e 32 37 4d 39 75 70 73 39 4a 37 39 79 50 38 70 4c 70 33 43 74 4d 75 49 43 34 47 43 59 57 59 53 53 75 73 70 58 64 43 71 6d 49 55 6d 45 37 43 63 71 46 7a 38 6d 4a 70 61 43 79 4c 37 69 4b 32 32 43 34 76 53 43 52 43 53 49 53 37 70 43 41 53 70 6f 38 2d 4d 76 4a 32 6a 78 30 4d 71 6d 24 32 47 34 6b 61 33 50 69 48 4d 6f 24 39 5a 47 72 70 6b 64 71 76 59 43 39 37 37 56 59 63 75 6a 4b 43 44 69 4b 45 67 6a 43 67 4d 50 63 43 75 5a 37 43 59 4d 75 75 4d 24 79 4d 59 43 70 6d 43 74 4a 65 43 70 72 6a 43 35 77 73 34 69 32 46 70 34 76 4b 37 43 75 77 6a 43 75 38 7a 74 43 7a 75 43 70 6a 41 45 4f 37 30 61 47 49 75 69 75 70 67 6f 47 32 64 39 24 36 6e 67 71 43 57 4d 75 59 51 6c 32 43 73 65 32 6d 50 45 71 2b 41 69 43 7a 6e 67 76 24 57 34 4d 43 4f 76 57 45 59
                Data Ascii: {"wp":"N27M9ups9J79yP8pLp3CtMuIC4GCYWYSSuspXdCqmIUmE7CcqFz8mJpaCyL7iK22C4vSCRCSIS7pCASpo8-MvJ2jx0Mqm$2G4ka3PiHMo$9ZGrpkdqvYC977VYcujKCDiKEgjCgMPcCuZ7CYMuuM$yMYCpmCtJeCprjC5ws4i2Fp4vK7CuwjCu8ztCzuCpjAEO70aGIuiupgoG2d9$6ngqCWMuYQl2Cse2mPEq+AiCzngv$W4MCOvWEY
                2024-04-25 20:21:34 UTC808INHTTP/1.1 200 OK
                Date: Thu, 25 Apr 2024 20:21:34 GMT
                Content-Type: text/plain; charset=UTF-8
                Content-Length: 0
                Connection: close
                Set-Cookie: cf_clearance=aIyHUJryvFqka_D8f.F5bX7JtZhUjV22VWIXtzWTk3I-1714076494-1.0.1.1-vNec5bZ12lys936Bwa6GmIBC7GDgSc_ZagoEx6x86DVuLhAbSe9aLcErRp7Eurc1TdEG48Gzjp.EzKtOLaHbbg; path=/; expires=Fri, 25-Apr-25 20:21:34 GMT; domain=.falic.co; HttpOnly; Secure; SameSite=None
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLQjD0ikCqbDAERMqXTCBD8nccdJ%2FpXnZNdHAUbn0pBkOSg5iURa2l3APNnGovjjShjhnG%2BmvT6v5qVdPGdoB9afhEZloY%2FENZCV7GbmFLL%2FnZXxZXOcXcguBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a4bde414582-ATL
                alt-svc: h3=":443"; ma=86400


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                10192.168.2.549723172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:34 UTC995OUTGET /favicon.ico HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                sec-ch-ua-mobile: ?0
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                sec-ch-ua-platform: "Windows"
                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                Sec-Fetch-Site: same-origin
                Sec-Fetch-Mode: no-cors
                Sec-Fetch-Dest: image
                Referer: https://falic.co/office/office_cookies/main/
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc
                2024-04-25 20:21:35 UTC843INHTTP/1.1 404 Not Found
                Date: Thu, 25 Apr 2024 20:21:35 GMT
                Content-Type: text/html
                Transfer-Encoding: chunked
                Connection: close
                Vary: Accept-Encoding
                X-Content-Type-Options: nosniff
                X-Content-Type-Options: nosniff
                X-XSS-Protection: 1; mode=block
                X-XSS-Protection: 1; mode=block
                Cache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
                Pragma: public
                CF-Cache-Status: MISS
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFIx3oF1nDYgZKuYpNzotlq2D6h5AouYjGeTsKlEEEzVkwFQB325IlLOVY8oNvvSRwRqLHAjh38qS3x5Zr1IrHcp%2FXvIIo6EZUyYPMEQWnTEw%2Foz%2F%2FoIYXhIwg%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a4cc806b08d-ATL
                alt-svc: h3=":443"; ma=86400
                2024-04-25 20:21:35 UTC264INData Raw: 31 30 31 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e
                Data Ascii: 101<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body>
                2024-04-25 20:21:35 UTC5INData Raw: 30 0d 0a 0d 0a
                Data Ascii: 0


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                11192.168.2.549725172.67.212.1564436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:35 UTC945OUTGET /cdn-cgi/challenge-platform/h/b/jsd/r/87a10a459b23b0eb HTTP/1.1
                Host: falic.co
                Connection: keep-alive
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept: */*
                Sec-Fetch-Site: none
                Sec-Fetch-Mode: cors
                Sec-Fetch-Dest: empty
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                Cookie: OKCIt-x4yyL2_CkpqkJ8gnfsHoc=WXplgF8B2EoDQGA1SRLd34IlJ3A; mJjxZCDMencZC1FxBDBDIM6NlcQ=1714076489; NEUGw_mReqahjJQUNtrAr1i2WyY=1714162889; g-1CXj9XUeh7MedgH5yZY1beKzg=hK_aypUb-RykQ-i3f0C4hqozPtw; l1K5Dya3GjEjbYx5PiVLp1ysXYM=cHhzuWIfe0wjFd6rIjDJWEaQNmM; U6_P53pZRqwS_7lDcGqq19s8S5M=1714076493; VqcVrnlssPQkLGgKtGOOBKlbFR4=1714162893; 4Y1UXwmRc0_V9rR4m_cpiFcBABk=L4xUxsiA7y7VQxKfpjOH-W-2vhc; cf_clearance=aIyHUJryvFqka_D8f.F5bX7JtZhUjV22VWIXtzWTk3I-1714076494-1.0.1.1-vNec5bZ12lys936Bwa6GmIBC7GDgSc_ZagoEx6x86DVuLhAbSe9aLcErRp7Eurc1TdEG48Gzjp.EzKtOLaHbbg
                2024-04-25 20:21:35 UTC700INHTTP/1.1 400 Bad Request
                Date: Thu, 25 Apr 2024 20:21:35 GMT
                Content-Type: application/json
                Content-Length: 7
                Connection: close
                cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                cf-chl-out: LrmRCHIRF023Rt1JzS/9iw==$Cw4LY/UNrZRld3YF+Voq/w==
                Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RCBzYhMs7g97a7M%2Begu8AZJ3ksSGP6iWXxq%2FUnHRDMj%2FNQALyIcW%2FVEWfIZLPsX41EAJC%2FWXPsJsyKDS4oLCWlJZSy5nikwu69yd1a3zjHxug28QAlArsTAztQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                Server: cloudflare
                CF-RAY: 87a10a51092953f1-ATL
                alt-svc: h3=":443"; ma=86400
                2024-04-25 20:21:35 UTC7INData Raw: 69 6e 76 61 6c 69 64
                Data Ascii: invalid


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                12192.168.2.549726184.31.62.93443
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:35 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                Connection: Keep-Alive
                Accept: */*
                Accept-Encoding: identity
                User-Agent: Microsoft BITS/7.8
                Host: fs.microsoft.com
                2024-04-25 20:21:35 UTC467INHTTP/1.1 200 OK
                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                Content-Type: application/octet-stream
                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                Server: ECAcc (chd/0790)
                X-CID: 11
                X-Ms-ApiVersion: Distribute 1.2
                X-Ms-Region: prod-eus-z1
                Cache-Control: public, max-age=124920
                Date: Thu, 25 Apr 2024 20:21:35 GMT
                Connection: close
                X-CID: 2


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                13192.168.2.549727184.31.62.93443
                TimestampBytes transferredDirectionData
                2024-04-25 20:21:36 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                Connection: Keep-Alive
                Accept: */*
                Accept-Encoding: identity
                If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                Range: bytes=0-2147483646
                User-Agent: Microsoft BITS/7.8
                Host: fs.microsoft.com
                2024-04-25 20:21:36 UTC515INHTTP/1.1 200 OK
                ApiVersion: Distribute 1.1
                Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                Content-Type: application/octet-stream
                ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                Server: ECAcc (chd/0758)
                X-CID: 11
                X-Ms-ApiVersion: Distribute 1.2
                X-Ms-Region: prod-eus-z1
                Cache-Control: public, max-age=124919
                Date: Thu, 25 Apr 2024 20:21:36 GMT
                Content-Length: 55
                Connection: close
                X-CID: 2
                2024-04-25 20:21:36 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                14192.168.2.54973735.190.80.14436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:22:32 UTC525OUTOPTIONS /report/v4?s=XFIx3oF1nDYgZKuYpNzotlq2D6h5AouYjGeTsKlEEEzVkwFQB325IlLOVY8oNvvSRwRqLHAjh38qS3x5Zr1IrHcp%2FXvIIo6EZUyYPMEQWnTEw%2Foz%2F%2FoIYXhIwg%3D%3D HTTP/1.1
                Host: a.nel.cloudflare.com
                Connection: keep-alive
                Origin: https://falic.co
                Access-Control-Request-Method: POST
                Access-Control-Request-Headers: content-type
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2024-04-25 20:22:33 UTC336INHTTP/1.1 200 OK
                Content-Length: 0
                access-control-max-age: 86400
                access-control-allow-methods: POST, OPTIONS
                access-control-allow-origin: *
                access-control-allow-headers: content-length, content-type
                date: Thu, 25 Apr 2024 20:22:32 GMT
                Via: 1.1 google
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                Connection: close


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                15192.168.2.54973835.190.80.14436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:22:32 UTC527OUTOPTIONS /report/v4?s=RCBzYhMs7g97a7M%2Begu8AZJ3ksSGP6iWXxq%2FUnHRDMj%2FNQALyIcW%2FVEWfIZLPsX41EAJC%2FWXPsJsyKDS4oLCWlJZSy5nikwu69yd1a3zjHxug28QAlArsTAztQ%3D%3D HTTP/1.1
                Host: a.nel.cloudflare.com
                Connection: keep-alive
                Origin: https://falic.co
                Access-Control-Request-Method: POST
                Access-Control-Request-Headers: content-type
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2024-04-25 20:22:33 UTC336INHTTP/1.1 200 OK
                Content-Length: 0
                access-control-max-age: 86400
                access-control-allow-methods: POST, OPTIONS
                access-control-allow-origin: *
                access-control-allow-headers: content-type, content-length
                date: Thu, 25 Apr 2024 20:22:33 GMT
                Via: 1.1 google
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                Connection: close


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                16192.168.2.54973935.190.80.14436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:22:33 UTC475OUTPOST /report/v4?s=XFIx3oF1nDYgZKuYpNzotlq2D6h5AouYjGeTsKlEEEzVkwFQB325IlLOVY8oNvvSRwRqLHAjh38qS3x5Zr1IrHcp%2FXvIIo6EZUyYPMEQWnTEw%2Foz%2F%2FoIYXhIwg%3D%3D HTTP/1.1
                Host: a.nel.cloudflare.com
                Connection: keep-alive
                Content-Length: 1762
                Content-Type: application/reports+json
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2024-04-25 20:22:33 UTC1762OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 39 30 38 39 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 38 30 37 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 66 61 6c 69 63 2e 63 6f 2f 6f 66 66 69 63 65 2f 6f 66 66 69 63 65 5f 63 6f 6f 6b 69 65 73 2f 6d 61 69 6e 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 32 31 32 2e 31 35 36 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 35 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65
                Data Ascii: [{"age":59089,"body":{"elapsed_time":807,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://falic.co/office/office_cookies/main/","sampling_fraction":1.0,"server_ip":"172.67.212.156","status_code":503,"type":"http.error"},"type
                2024-04-25 20:22:33 UTC168INHTTP/1.1 200 OK
                Content-Length: 0
                date: Thu, 25 Apr 2024 20:22:33 GMT
                Via: 1.1 google
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                Connection: close


                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                17192.168.2.54974035.190.80.14436412C:\Program Files\Google\Chrome\Application\chrome.exe
                TimestampBytes transferredDirectionData
                2024-04-25 20:22:33 UTC476OUTPOST /report/v4?s=RCBzYhMs7g97a7M%2Begu8AZJ3ksSGP6iWXxq%2FUnHRDMj%2FNQALyIcW%2FVEWfIZLPsX41EAJC%2FWXPsJsyKDS4oLCWlJZSy5nikwu69yd1a3zjHxug28QAlArsTAztQ%3D%3D HTTP/1.1
                Host: a.nel.cloudflare.com
                Connection: keep-alive
                Content-Length: 436
                Content-Type: application/reports+json
                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                Accept-Encoding: gzip, deflate, br
                Accept-Language: en-US,en;q=0.9
                2024-04-25 20:22:33 UTC436OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 37 30 31 37 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 36 36 31 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 32 31 32 2e 31 35 36 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 66 61 6c 69 63 2e 63 6f 2f 63 64
                Data Ascii: [{"age":57017,"body":{"elapsed_time":661,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.67.212.156","status_code":400,"type":"http.error"},"type":"network-error","url":"https://falic.co/cd
                2024-04-25 20:22:33 UTC168INHTTP/1.1 200 OK
                Content-Length: 0
                date: Thu, 25 Apr 2024 20:22:33 GMT
                Via: 1.1 google
                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                Connection: close


                Statistics

                CPU Usage

                Click to jump to process

                Memory Usage

                Click to jump to process

                Behavior

                Click to jump to process

                System Behavior

                General

                Target ID:0
                Start time:22:21:24
                Start date:25/04/2024
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                Imagebase:0x7ff715980000
                File size:3'242'272 bytes
                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:false

                General

                Target ID:2
                Start time:22:21:28
                Start date:25/04/2024
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2032,i,17566053712304001285,8018078620139082274,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                Imagebase:0x7ff715980000
                File size:3'242'272 bytes
                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:false

                General

                Target ID:3
                Start time:22:21:30
                Start date:25/04/2024
                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                Wow64 process (32bit):false
                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://falic.co/office/office_cookies/main/"
                Imagebase:0x7ff715980000
                File size:3'242'272 bytes
                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                Has elevated privileges:true
                Has administrator privileges:true
                Programmed in:C, C++ or other language
                Reputation:low
                Has exited:true

                Disassembly

                No disassembly