Edit tour

Windows Analysis Report
https://appwebconnect.pages.dev/

Overview

General Information

Sample URL:	https://appwebconnect.pages.dev/
Analysis ID:	1615552
Infos:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected BlockedWebSite

Stores files to the Windows start menu directory

Suricata IDS alerts with low severity for network traffic

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3556 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 1632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1804,i,16324473619381115754,14669389713665053241,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 3452 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://appwebconnect.pages.dev/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_172	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security
dropped/chromecache_224	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security

HTML

Source	Rule	Description	Author	Strings
1.0.pages.csv	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security

Suricata Signatures

ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-02-15T00:55:57.071607+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.5	49932	162.159.140.229	443	TCP
2025-02-15T00:55:57.081288+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.5	49933	104.244.42.67	443	TCP
2025-02-15T00:55:57.829749+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.5	49961	104.18.27.193	443	TCP

HTTP traffic detected: POST /report/v4?s=H4jeU0q7BkB3Yn4wB5HwYRftgHpBf3yDzZZA6b0yVSSn1OiyLJfBs%2F0W3tiz3s3WfG3IB8wAcoh6KKxV%2FzuZq9BM%2BlZ3rpmW27vLYChLxTDVIOmse2bgS74tGjgK%2Ff7Kl9guTL%2BpR6c17g%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 393Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 14 Feb 2025 23:55:33 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Frame-Options: SAMEORIGINReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4jeU0q7BkB3Yn4wB5HwYRftgHpBf3yDzZZA6b0yVSSn1OiyLJfBs%2F0W3tiz3s3WfG3IB8wAcoh6KKxV%2FzuZq9BM%2BlZ3rpmW27vLYChLxTDVIOmse2bgS74tGjgK%2Ff7Kl9guTL%2BpR6c17g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 9120fd5d8eeb430d-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 14 Feb 2025 23:55:36 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Frame-Options: SAMEORIGINReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGhPVZ1E7l58QLRbEdk9kb6Jc4ZM6khr9z93IfalcupryO1apJD3X%2B%2F4TIpUnbCZZcIVs4%2FQhA0VcDY4Pi5Dmk43Tg9vw%2BDz7SgOfVj0wKTshr2Su1aQ52oH7nUj7JDDsc3CDc9jxgvEnw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 9120fd6f0cc978e8-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Fri, 14 Feb 2025 23:55:54 GMTContent-Type: application/json; charset=UTF-8Content-Length: 24Connection: closeAccess-Control-Allow-Origin: https://www.cloudflare.comAccess-Control-Allow-Credentials: trueAccess-Control-Allow-Headers: Content-Type,AcceptAccess-Control-Allow-Methods: GET,POST,OPTIONSX-Robots-Tag: noindexReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYs%2BV5MVe24QmOnhq%2FhdWr%2FR436ux49HMjviPIW6UTqUH8540mq5aDs0W3MEjNjXqmGoJH2MkOyoMd1aVdKRTNzSsipcZBm%2FjLnUmpaR8EvdOD6jsmElG5PbUqTNN63ffe8aKiLnYTg%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 9120fde36f67729e-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: fc8fac21-8083-43ff-9769-9e56a13e5668vary: Origindate: Fri, 14 Feb 2025 23:55:57 GMTx-konductor: 25.1.7:3af4fa027x-adobe-edge: IRL1;6server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 4e93ff29-fbfa-4737-816f-10f9cef24c0dvary: Origindate: Fri, 14 Feb 2025 23:56:00 GMTx-konductor: 25.1.7:3af4fa027x-adobe-edge: IRL1;6server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: c6330382-3731-49f0-b887-1493bc5b930bvary: Origindate: Fri, 14 Feb 2025 23:56:01 GMTx-konductor: 25.1.7:3af4fa027x-adobe-edge: IRL1;6server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 86e392f8-8a20-49d2-b4b9-763e052fbc5avary: Origindate: Fri, 14 Feb 2025 23:56:02 GMTx-konductor: 25.1.7:3af4fa027x-adobe-edge: IRL1;6server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Fri, 14 Feb 2025 23:56:10 GMTContent-Type: text/plain;charset=UTF-8Content-Length: 13Connection: closeAccess-Control-Allow-Origin: access-control-allow-headers: access-control-allow-methods: timing-allow-origin: Strict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffServer: cloudflareCF-RAY: 9120fe46fc2b0f3b-EWRalt-svc: h3=":443"; ma=86400

Source: chromecache_276.2.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_276.2.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_271.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_293.2.dr	String found in binary or memory: https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1739577354663&uuid=4086d817-df3c-4e6
Source: chromecache_266.2.dr	String found in binary or memory: https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1739577355383&uuid=4086d817-df3c-4e6
Source: chromecache_204.2.dr, chromecache_298.2.dr	String found in binary or memory: https://api.www.cloudflare.com/api/v1
Source: chromecache_233.2.dr, chromecache_164.2.dr	String found in binary or memory: https://app.qualified.com
Source: chromecache_252.2.dr, chromecache_191.2.dr	String found in binary or memory: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.js
Source: chromecache_248.2.dr, chromecache_178.2.dr	String found in binary or memory: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_Acti
Source: chromecache_256.2.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/8472fc7436be/RC1fcad5185a1b4a039b5df05c7d2b704
Source: chromecache_269.2.dr, chromecache_245.2.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/8472fc7436be/RC392ad6d4bbf94c7283b4eda6cbf689a
Source: chromecache_286.2.dr, chromecache_216.2.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/launch-efab6d095ce0.js
Source: chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_262.2.dr, chromecache_276.2.dr, chromecache_271.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_156.2.dr, chromecache_221.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/17RhepZZwxiD452Hs0gKFk/5324e2c81dcdef79c74efea2c60
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/1WuCMB2xQyP5YwQW1NmnM7/cd7bf7bf2427d528ff91af1fb08
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/1f2iRYyLtJPAYkKFR9G5h2/9c58683aa4b33bc18ab0431847c
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/1h6HptFO1dOP4w2BpO4WzN/dadc2020927f5a26a128530be02
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2EpMDcOzRGz0qkeQbuOoB1/647e0c54d93967efd46237dec01
Source: chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2ZP0AQ92YBysyPFLsuoKOC/84f7aa80a36755aa94cb56c5e0a
Source: chromecache_238.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2fMg89go9MegG1EDg39mNy/5a42817cd388ae352f77f56e53b
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2qsPuuImKhFS0I6IchnUR0/33dfb6b56317ac494a108a86158
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2yRCuqitoxUATzrEEpNPeA/49494485e77713ddfaf56b7b338
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/33pNtP0fhgTrjCgk4Ahdyo/c3b0e163c89573659e2898c2aa8
Source: chromecache_156.2.dr, chromecache_221.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/3aiXyraQa82SPHcEOgsxLq/ace1025cc5204f2ca8885646b8b
Source: chromecache_161.2.dr, chromecache_158.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad8
Source: chromecache_161.2.dr, chromecache_158.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/5xbbCKLej8Ie7Ty2d1NfCh/471c4d9fd80cbf7e1903f137ca4
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/5yUNNcm4R4mXsEu9peDFNi/53ff1c4743556c777025221561a
Source: chromecache_238.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264
Source: chromecache_290.2.dr, chromecache_159.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/6i8d186tH2iueYvgwVRaJf/ab27fd31033bdd31aea69065480
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/7kPjwE4j84Rj5KSJRPRptE/177ac67e5aa1838880c3beffb1d
Source: chromecache_290.2.dr, chromecache_159.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/mJZqOomHta2MLLB73P8Hs/9378861761815b3adf7bcb7734d6
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://cloudflare.tv/cio-week/fireside-chat-with-juan-rodriguez-estevez/Mg6QNmZl
Source: chromecache_268.2.dr, chromecache_227.2.dr, chromecache_226.2.dr, chromecache_163.2.dr	String found in binary or memory: https://developers.marketo.com/MunchkinLicense.pdf
Source: chromecache_189.2.dr	String found in binary or memory: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1755215756&external_user_id=45b9487
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://eventhub.goldcast.io/?eventHubId=0dc82d0e-bb7c-4aa6-b853-a096322ed37c
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://eventhub.goldcast.io/?eventHubId=da18a2b0-617d-4767-b139-eb386a0db8ff
Source: chromecache_238.2.dr	String found in binary or memory: https://github.com/jonsuh/hamburgers
Source: chromecache_281.2.dr, chromecache_169.2.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_271.2.dr	String found in binary or memory: https://google.com
Source: chromecache_271.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_238.2.dr	String found in binary or memory: https://jonsuh.com/hamburgers
Source: chromecache_233.2.dr, chromecache_164.2.dr	String found in binary or memory: https://js.qualified.com
Source: chromecache_271.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_262.2.dr, chromecache_276.2.dr, chromecache_271.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_189.2.dr	String found in binary or memory: https://partners.tremorhub.com/sync?UIDM=45b94877-34f0-4999-8091-c5f3d49f762e
Source: chromecache_189.2.dr	String found in binary or memory: https://pixel.rubiconproject.com/tap.php?nid=5578&put=45b94877-34f0-4999-8091-c5f3d49f762e&v
Source: chromecache_293.2.dr, chromecache_266.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Fac
Source: chromecache_293.2.dr, chromecache_266.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif
Source: chromecache_233.2.dr, chromecache_164.2.dr	String found in binary or memory: https://schedule.qualified.com
Source: chromecache_221.2.dr, chromecache_238.2.dr	String found in binary or memory: https://schema.org/Answer
Source: chromecache_238.2.dr	String found in binary or memory: https://schema.org/FAQPage
Source: chromecache_221.2.dr, chromecache_238.2.dr	String found in binary or memory: https://schema.org/Question
Source: chromecache_293.2.dr, chromecache_266.2.dr	String found in binary or memory: https://scout-cdn.salesloft.com/sl.js
Source: chromecache_170.2.dr, chromecache_251.2.dr	String found in binary or memory: https://scout.us4.salesloft.com
Source: chromecache_293.2.dr, chromecache_266.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_181.2.dr, chromecache_168.2.dr	String found in binary or memory: https://staging.mrk.cfdata.org/mrk/redwood-blade-repository/
Source: chromecache_293.2.dr, chromecache_266.2.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: chromecache_262.2.dr, chromecache_271.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_262.2.dr, chromecache_271.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_293.2.dr, chromecache_266.2.dr	String found in binary or memory: https://tag.demandbase.com/1be41a80498a5b73.min.js
Source: chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_262.2.dr, chromecache_276.2.dr, chromecache_271.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_156.2.dr, chromecache_221.2.dr	String found in binary or memory: https://unctad.org/page/data-protection-and-privacy-legislation-worldwide
Source: chromecache_204.2.dr, chromecache_298.2.dr	String found in binary or memory: https://www.cloudflare.com
Source: chromecache_172.2.dr, chromecache_224.2.dr	String found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://www.cloudflare.com/connectivity-cloud/)
Source: chromecache_172.2.dr, chromecache_224.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/phishing-attack/
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/what-is-a-casb/)
Source: chromecache_156.2.dr, chromecache_221.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/what-is-browser-isolation/
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/what-is-sase/)
Source: chromecache_233.2.dr, chromecache_164.2.dr	String found in binary or memory: https://www.cloudflare.com/lp/multi-channel-phishing-demo?utm_medium=banner
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://www.cloudflare.com/lp/securitybuildersworkshops/
Source: chromecache_190.2.dr, chromecache_255.2.dr	String found in binary or memory: https://www.cloudflare.com/saas/)
Source: chromecache_242.2.dr	String found in binary or memory: https://www.cloudflare.com/static/z/s.js?z=
Source: chromecache_266.2.dr, chromecache_242.2.dr	String found in binary or memory: https://www.cloudflare.com/static/z/t
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://www.cloudflare.com/the-net/illuminate/fighting-phishing/
Source: chromecache_206.2.dr, chromecache_258.2.dr	String found in binary or memory: https://www.cloudflare.com/the-net/platform-consolidation-costs
Source: chromecache_271.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_276.2.dr	String found in binary or memory: https://www.google.com/gmp/conversion/?
Source: chromecache_271.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_271.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_200.2.dr, chromecache_262.2.dr, chromecache_276.2.dr, chromecache_271.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_276.2.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_200.2.dr, chromecache_262.2.dr, chromecache_276.2.dr, chromecache_271.2.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_262.2.dr, chromecache_271.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50074 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 50062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 50280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 50282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 50281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50226
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50236
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50240
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50247
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50246
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50278 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50113 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 50226 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50269
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50268
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50270
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50272
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50271
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50276
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50278
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50277
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50279
Source: unknown	Network traffic detected: HTTP traffic on port 50265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50281
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50280
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50283
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50282
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50285
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50284
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50287
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 50115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50286
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50289
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50167
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50288
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50290
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50173
Source: unknown	Network traffic detected: HTTP traffic on port 50287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50272 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50167 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50135 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 50285 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443

Source: classification engine

Classification label: mal64.phis.win@21/241@211/73

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1804,i,16324473619381115754,14669389713665053241,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://appwebconnect.pages.dev/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1804,i,16324473619381115754,14669389713665053241,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Registry Run Keys / Startup Folder	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://appwebconnect.pages.dev/	100%	Avira URL Cloud	phishing

Source	Detection	Scanner	Label	Link
https://appwebconnect.pages.dev/favicon.ico	100%	Avira URL Cloud	phishing
https://appwebconnect.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
jsdelivr.map.fastly.net	151.101.1.229	true	false	high
benchmark.1e100cdn.net	35.190.26.57	true	false	high
prod-default.lb.logrocket.network	104.198.23.205	true	false	high
segments.company-target.com	18.245.86.101	true	false	high
s.dsp-prod.demandbase.com	34.96.71.22	true	false	high
e10776.b.akamaiedge.net	104.73.230.208	true	false	high
scout.us1.salesloft.com	3.210.93.41	true	false	high
platform.twitter.map.fastly.net	146.75.120.157	true	false	high
stats.g.doubleclick.net	64.233.184.157	true	false	high
ot.www.cloudflare.com	104.16.123.96	true	false	high
l-0005.l-msedge.net	13.107.42.14	true	false	high
t.co	162.159.140.229	true	false	high
performance.radar.cloudflare.com	104.18.30.78	true	false	high
www.google.com	172.217.18.4	true	false	high
partners-1864332697.us-east-1.elb.amazonaws.com	18.232.222.207	true	false	high
cf-assets.www.cloudflare.com	104.16.124.96	true	false	high
id.rlcdn.com	35.244.174.68	true	false	high
a798.dscd.akamai.net	2.19.11.121	true	false	high
s.twitter.com	104.244.42.67	true	false	high
cm.everesttech.net.akadns.net	52.30.140.240	true	false	high
valid.rpki.cloudflare.com	104.17.230.6	true	false	high
di.rlcdn.com	35.244.174.68	true	false	high
www.linkedin.com.cdn.cloudflare.net	172.64.146.215	true	false	high
p36.cedexis-test.com.wsoversea.com	138.113.147.185	true	false	high
cdn.logr-ingest.com	104.21.80.1	true	false	high
reddit.map.fastly.net	151.101.129.140	true	false	high
challenges.cloudflare.com	104.18.95.41	true	false	high
a1916.dscg2.akamai.net	88.221.110.145	true	false	high
static.cloudflareinsights.com	104.16.79.73	true	false	high
pixel.rubiconproject.net.akadns.net	69.173.144.165	true	false	high
benchmarks.cdn.compute-pipe.com	104.18.31.19	true	false	high
testingcf.jsdelivr.net.cdn.cloudflare.net	104.18.187.31	true	false	high
scout-cdn.salesloft.com.cdn.cloudflare.net	104.16.71.105	true	false	high
jsdelivr.b-cdn.net	169.150.247.38	true	false	high
tag.demandbase.com	18.245.46.25	true	false	high
demdex.net.ssl.sc.omtrdc.net	63.140.62.222	true	false	high
api.www.cloudflare.com	104.16.123.96	true	false	high
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	34.251.122.33	true	false	high
d1inq1x5xtur5k.cloudfront.net	143.204.98.59	true	false	high
appwebconnect.pages.dev	188.114.97.3	true	false	unknown
tag-logger.demandbase.com	143.204.98.127	true	false	high
a.nel.cloudflare.com	35.190.80.1	true	false	high
invalid.rpki.cloudflare.com	103.21.244.8	true	false	high
js.qualified.com	104.18.16.5	true	false	high
ws6.qualified.com	104.18.17.5	true	false	high
prod.cedexis-ssl.map.fastly.net	151.101.2.6	true	false	high
ax-0001.ax-msedge.net	150.171.27.10	true	false	high
www.cloudflare.com	104.16.124.96	true	false	high
dsum-sec.casalemedia.com	104.18.27.193	true	false	high
e7808.dscg.akamaiedge.net	2.19.105.89	true	false	high
ptcfc.com	162.159.140.203	true	false	high
adobedc.net.ssl.sc.omtrdc.net	63.140.62.17	true	false	high
api.company-target.com	18.66.102.127	true	false	high
app.qualified.com	104.18.16.5	true	false	high
713-xsc-918.mktoresp.com	192.28.144.124	true	false	high
alb.reddit.com	unknown	unknown	false	high
static.ads-twitter.com	unknown	unknown	false	high
scout.salesloft.com	unknown	unknown	false	high
scout-cdn.salesloft.com	unknown	unknown	false	high
p36.cedexis-test.com	unknown	unknown	false	high
cm.everesttech.net	unknown	unknown	false	high
testingcf.jsdelivr.net	unknown	unknown	false	high
adobedc.demdex.net	unknown	unknown	false	high
p16999.cedexis-test.com	unknown	unknown	false	high
s.company-target.com	unknown	unknown	false	high
assets.adobedtm.com	unknown	unknown	false	high
pixel.rubiconproject.com	unknown	unknown	false	high
px.ads.linkedin.com	unknown	unknown	false	high
munchkin.marketo.net	unknown	unknown	false	high
r.logr-ingest.com	unknown	unknown	false	high
fastly.jsdelivr.net	unknown	unknown	false	high
p29.cedexis-test.com	unknown	unknown	false	high
partners.tremorhub.com	unknown	unknown	false	high
cdn.bizibly.com	unknown	unknown	false	high
cloudflareinc.demdex.net	unknown	unknown	false	high
cdn.bizible.com	unknown	unknown	false	high
dpm.demdex.net	unknown	unknown	false	high
www.linkedin.com	unknown	unknown	false	high
analytics.twitter.com	unknown	unknown	false	high
snap.licdn.com	unknown	unknown	false	high
fastly.cedexis-test.com	unknown	unknown	false	high
edge.adobedc.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.cloudflare.com/learning/access-management/phishing-attack/	false		high
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	false		high
https://www.cloudflare.com/page-data/learning/access-management/what-is-identity-and-access-management/page-data.json	false		high
https://www.cloudflare.com/static/z/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV2hhdCUyMGlzJTIwYSUyMHBoaXNoaW5nJTIwYXR0YWNrJTNGJTIwJTdDJTIwQ2xvdWRmbGFyZSUyMiUyQyUyMnglMjIlM0EwLjA5MzUyNTc1ODA5MzI2NjY5JTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0E5MDclMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5jbG91ZGZsYXJlLmNvbSUyRmxlYXJuaW5nJTJGYWNjZXNzLW1hbmFnZW1lbnQlMkZwaGlzaGluZy1hdHRhY2slMkYlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZhcHB3ZWJjb25uZWN0LnBhZ2VzLmRldiUyRiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EzMDAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE	false		high
https://id.rlcdn.com/464526.gif	false		high
https://www.cloudflare.com/component---src-components-page-page-template-tsx-c7ec2b92ba43b220ad2d.js	false		high
https://cloudflareinc.demdex.net/dest5.html?d_nsid=0	false		high
https://app.qualified.com/w/1/37pXYrro6wCZbsU7/events/trace	false		high
https://ot.www.cloudflare.com/public/vendor/onetrust/scripttemplates/202407.2.0/otBannerSdk.js	false		high
https://appwebconnect.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637	true	Avira URL Cloud: phishing	unknown
https://www.cloudflare.com/page-data/index/page-data.json	false		high
https://www.cloudflare.com/static/z/i.js	false		high
https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=hz_gyejtdNiLJ9mXh8QPFIX65J3cFAbgte_Iv8o1c3Ah87-bhC8twQ==&api-version=v3	false		high
https://ptcfc.com/img/284/r20-100KB.png?r=21285673	false		high
https://a.nel.cloudflare.com/report/v4?s=V7DhjDp4KSF5KE%2Fp1XglZsgsfOxESsIWjZ3wjsfom3KbMwkMwvQ0q4wwb4o08JWl2lZEZ2nmEX%2BdJ3Y%2Fuq9vhoEOeGPz9rCqbgyR%2F%2B8JaY5s%2F0BLU3mqV0HgHTudY9IVTxxHvw%3D%3D	false		high
https://benchmarks.cdn.compute-pipe.com/r20-100KB.png?r=92723197	false		high
https://www.cloudflare.com/page-data/sq/d/3934964512.json	false		high
https://cdn.bizible.com/xdc.js?_biz_u=fe313736293c4988a9deef7447ec8124&_biz_h=-1777624096&cdn_o=a&jsVer=4.25.01.09	false		high
https://cdn.logr-ingest.com/logger-1.min.js	false		high
https://www.cloudflare.com/page-data/plans/page-data.json	false		high
https://scout.salesloft.com/i	false		high
https://tag.demandbase.com/1be41a80498a5b73.min.js	false		high
https://713-xsc-918.mktoresp.com/webevents/visitWebPage?_mchNc=1739577357226&_mchCn=&_mchId=713-XSC-918&_mchTk=_mch-cloudflare.com-5db31937406633c4c9c300a19fe2fe30&_mchHo=www.cloudflare.com&_mchPo=&_mchRu=%2Flearning%2Faccess-management%2Fphishing-attack%2F&_mchPc=https%3A&_mchVr=164&_mchEcid=8AD56F28618A50850A495FB6%40AdobeOrg%3A6%3A36722218324888834391610246623057154068&_mchHa=&_mchRe=https%3A%2F%2Fappwebconnect.pages.dev%2F&_mchQp=	false		high
https://edge.adobedc.net/ee/irl1/v1/interact?configId=715c679b-19c8-4402-8093-423571ad58c4&requestId=86e392f8-8a20-49d2-b4b9-763e052fbc5a	false		high
https://performance.radar.cloudflare.com/api/beacon	false		high
https://a.nel.cloudflare.com/report/v4?s=H4jeU0q7BkB3Yn4wB5HwYRftgHpBf3yDzZZA6b0yVSSn1OiyLJfBs%2F0W3tiz3s3WfG3IB8wAcoh6KKxV%2FzuZq9BM%2BlZ3rpmW27vLYChLxTDVIOmse2bgS74tGjgK%2Ff7Kl9guTL%2BpR6c17g%3D%3D	false		high
https://munchkin.marketo.net/munchkin-beta.js	false		high
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D28851%26time%3D1739577355127%26li_adsId%3D594f6d06-8eae-4dfc-ab00-651534dc42d1%26url%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26liSync%3Dtrue	false		high
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1739577354663&uuid=4086d817-df3c-4e6a-962e-f259e3d651df&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264b2c1c/banner-new.png	false		high
https://api.www.cloudflare.com/api/v1/marketo/form/2459	false		high
https://www.cloudflare.com/img/learning/security/threats/phishing-attack/diagram-phishing-attack.png	false		high
https://appwebconnect.pages.dev/	true		unknown
https://www.cloudflare.com/a06cff934e9579536ce1c10bad21c1d6d7f63ae0-90484db4602d401d94ca.js	false		high
https://t.co/1/i/adsct?bci=4&dv=America%2FNew_York%26en-US%2Cen%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=3&event=%7B%7D&event_id=eaf61573-6bf5-4264-a5be-acbecffe09cf&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1fabc9ca-af58-4e3a-8537-15493811c459&restricted_data_use=restrict_optimization&tw_document_href=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&tw_iframe_status=0&txn_id=nvldc&type=javascript&version=2.3.31	false		high
https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A713-XSC-918%26token%3A_mch-cloudflare.com-5db31937406633c4c9c300a19fe2fe30&_biz_u=fe313736293c4988a9deef7447ec8124&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1739577357903&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=2&rnd=795697&cdn_o=a&_biz_z=1739577357903	false		high
https://appwebconnect.pages.dev/favicon.ico	true	Avira URL Cloud: phishing	unknown
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js	false		high
https://scout-cdn.salesloft.com/sl.js	false		high
https://static.ads-twitter.com/uwt.js	false		high
https://challenges.cloudflare.com/turnstile/v0/b/324d0dcf743c/api.js	false		high
https://www.cloudflare.com/174-242772ef10d8d161ae24.js	false		high
https://a.nel.cloudflare.com/report/v4?s=aGhPVZ1E7l58QLRbEdk9kb6Jc4ZM6khr9z93IfalcupryO1apJD3X%2B%2F4TIpUnbCZZcIVs4%2FQhA0VcDY4Pi5Dmk43Tg9vw%2BDz7SgOfVj0wKTshr2Su1aQ52oH7nUj7JDDsc3CDc9jxgvEnw%3D%3D	false		high
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8AD56F28618A50850A495FB6%40AdobeOrg&d_nsid=0&ts=1739577353758	false		high
https://valid.rpki.cloudflare.com/?r=69149326	false		high
https://r.logr-ingest.com/i?a=ykolez%2Fcloudflarecom&r=6-019506e3-e056-7342-b003-e7416d2b7cdc&t=9618e4cd-b5dc-4422-8325-59ea586bb6e4&s=0&u=6de90df7-e0bd-40cd-8825-7b31a10b1ccc&is=1&rs=0%2Cu	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/9120fddc3d7242a3/1739577355875/8cb5a06fbe0c98215447e76b857ab6e2542d9396e60ca5ec8a2648fec9f5acb4/boZBx_BZ-GPD65T	false		high
https://www.cloudflare.com/webpack-runtime-58d5c235cebbbe34854a.js	false		high
https://ws6.qualified.com/cable?wv=9&token=37pXYrro6wCZbsU7&vu=9ada4d16-512f-47bd-8729-c5eb5949f0fd&wu=3d26e448-1169-4278-9b2b-1c885bde129b&ca=2025-02-14T23%3A55%3A56.412Z&tz=America%2FNew_York&bis=5&referrer=https%3A%2F%2Fappwebconnect.pages.dev%2F&pv=1&fv=2025-02-14-035cffbacb&iml=false&bl=en-US&ic=false	false		high
https://www.cloudflare.com/page-data/app-data.json	false		high
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28851&time=1739577355127&li_adsId=594f6d06-8eae-4dfc-ab00-651534dc42d1&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F	false		high
https://a.nel.cloudflare.com/report/v4?s=VBcGoeL1ysNQw8iuDL0VocMKmKrTHP4FXnV6Z3NNOrnuqG6kaCO4GW7pZzPYEhL4gb%2FDrctRAnFTNwCIRzdUOQ4GAqd%2FOi50DHUBJPqiTdNabDL1aFaYi8BUHujVvGIudKzGQPv6gi4%3D	false		high
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1739577385379&pid=28851&conversionId=20071137	false		high
https://cm.everesttech.net/cm/dd?d_uuid=41210902621529238612134681257249164846	false		high
https://benchmark.1e100cdn.net/r20-100KB.png?r=22904941	false		high
https://app.qualified.com/w/1/37pXYrro6wCZbsU7/visitor_events	false		high
https://px.ads.linkedin.com/wa/	false		high
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js	false		high
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-PGV1K2BN4M&cid=2e617931-e180-49ce-8951-0a78ccd73b3d&_u=KGDAAEADQAAAAC%7E&z=1535673580&slf_rd=1	false		high
https://edge.adobedc.net/ee/irl1/v1/interact?configId=715c679b-19c8-4402-8093-423571ad58c4&requestId=c6330382-3731-49f0-b887-1493bc5b930b	false		high
https://www.cloudflare.com/cdn-cgi/rum?	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_262.2.dr, chromecache_271.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/7kPjwE4j84Rj5KSJRPRptE/177ac67e5aa1838880c3beffb1d	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://eventhub.goldcast.io/?eventHubId=da18a2b0-617d-4767-b139-eb386a0db8ff	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif	chromecache_293.2.dr, chromecache_266.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/33pNtP0fhgTrjCgk4Ahdyo/c3b0e163c89573659e2898c2aa8	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://unctad.org/page/data-protection-and-privacy-legislation-worldwide	chromecache_156.2.dr, chromecache_221.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6i8d186tH2iueYvgwVRaJf/ab27fd31033bdd31aea69065480	chromecache_290.2.dr, chromecache_159.2.dr	false	high
https://www.cloudflare.com/saas/)	chromecache_190.2.dr, chromecache_255.2.dr	false	high
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_Acti	chromecache_248.2.dr, chromecache_178.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab	chromecache_161.2.dr, chromecache_158.2.dr	false	high
https://www.google.com	chromecache_271.2.dr	false	high
https://schema.org/FAQPage	chromecache_238.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad8	chromecache_161.2.dr, chromecache_158.2.dr	false	high
https://www.cloudflare.com/learning/access-management/what-is-browser-isolation/	chromecache_156.2.dr, chromecache_221.2.dr	false	high
https://www.cloudflare.com/the-net/platform-consolidation-costs	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://www.cloudflare.com/the-net/illuminate/fighting-phishing/	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1739577355383&uuid=4086d817-df3c-4e6	chromecache_266.2.dr	false	high
https://scout.us4.salesloft.com	chromecache_170.2.dr, chromecache_251.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/5xbbCKLej8Ie7Ty2d1NfCh/471c4d9fd80cbf7e1903f137ca4	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://www.cloudflare.com/learning/access-management/what-is-a-casb/)	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://schema.org/Answer	chromecache_221.2.dr, chromecache_238.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264	chromecache_238.2.dr	false	high
https://www.cloudflare.com/static/z/s.js?z=	chromecache_242.2.dr	false	high
https://www.cloudflare.com	chromecache_204.2.dr, chromecache_298.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/17RhepZZwxiD452Hs0gKFk/5324e2c81dcdef79c74efea2c60	chromecache_156.2.dr, chromecache_221.2.dr	false	high
https://cct.google/taggy/agent.js	chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_262.2.dr, chromecache_276.2.dr, chromecache_271.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/5yUNNcm4R4mXsEu9peDFNi/53ff1c4743556c777025221561a	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://www.cloudflare.com/5xx-error-landing	chromecache_172.2.dr, chromecache_224.2.dr	false	high
https://eventhub.goldcast.io/?eventHubId=0dc82d0e-bb7c-4aa6-b853-a096322ed37c	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://www.cloudflare.com/connectivity-cloud/)	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://www.cloudflare.com/lp/securitybuildersworkshops/	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://developers.marketo.com/MunchkinLicense.pdf	chromecache_268.2.dr, chromecache_227.2.dr, chromecache_226.2.dr, chromecache_163.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/1h6HptFO1dOP4w2BpO4WzN/dadc2020927f5a26a128530be02	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://stats.g.doubleclick.net/g/collect?v=2&	chromecache_262.2.dr, chromecache_271.2.dr	false	high
https://github.com/js-cookie/js-cookie	chromecache_281.2.dr, chromecache_169.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/2yRCuqitoxUATzrEEpNPeA/49494485e77713ddfaf56b7b338	chromecache_206.2.dr, chromecache_258.2.dr	false	high
https://staging.mrk.cfdata.org/mrk/redwood-blade-repository/	chromecache_181.2.dr, chromecache_168.2.dr	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/3aiXyraQa82SPHcEOgsxLq/ace1025cc5204f2ca8885646b8b	chromecache_156.2.dr, chromecache_221.2.dr	false	high
https://www.cloudflare.com/learning/access-management/what-is-sase/)	chromecache_206.2.dr, chromecache_258.2.dr	false	high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
192.28.144.124	713-xsc-918.mktoresp.com	United States	15224	OMNITUREUS	false
104.18.187.31	testingcf.jsdelivr.net.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
18.66.102.127	api.company-target.com	United States	3	MIT-GATEWAYSUS	false
169.150.247.38	jsdelivr.b-cdn.net	United States	2711	SPIRITTEL-ASUS	false
104.21.80.1	cdn.logr-ingest.com	United States	13335	CLOUDFLARENETUS	false
2.19.105.89	e7808.dscg.akamaiedge.net	European Union	16625	AKAMAI-ASUS	false
104.198.23.205	prod-default.lb.logrocket.network	United States	15169	GOOGLEUS	false
63.140.62.222	demdex.net.ssl.sc.omtrdc.net	United States	15224	OMNITUREUS	false
104.18.30.78	performance.radar.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.64.146.215	www.linkedin.com.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
143.204.98.12	unknown	United States	16509	AMAZON-02US	false
143.204.98.127	tag-logger.demandbase.com	United States	16509	AMAZON-02US	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
138.113.147.185	p36.cedexis-test.com.wsoversea.com	United States	776	FR-INRIA-SOPHIAINRIASophia-AntipolisEU	false
18.245.46.44	unknown	United States	16509	AMAZON-02US	false
104.16.124.96	cf-assets.www.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
143.204.98.59	d1inq1x5xtur5k.cloudfront.net	United States	16509	AMAZON-02US	false
162.159.140.229	t.co	United States	13335	CLOUDFLARENETUS	false
69.173.144.165	pixel.rubiconproject.net.akadns.net	United States	26667	RUBICONPROJECTUS	false
142.250.186.36	unknown	United States	15169	GOOGLEUS	false
104.18.186.31	unknown	United States	13335	CLOUDFLARENETUS	false
34.96.71.22	s.dsp-prod.demandbase.com	United States	15169	GOOGLEUS	false
18.245.86.101	segments.company-target.com	United States	16509	AMAZON-02US	false
108.138.26.25	unknown	United States	16509	AMAZON-02US	false
172.217.18.4	www.google.com	United States	15169	GOOGLEUS	false
104.17.230.6	valid.rpki.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.73.230.208	e10776.b.akamaiedge.net	United States	16625	AKAMAI-ASUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.244.42.131	unknown	United States	13414	TWITTERUS	false
63.140.62.17	adobedc.net.ssl.sc.omtrdc.net	United States	15224	OMNITUREUS	false
2.19.11.106	unknown	European Union	719	ELISA-ASHelsinkiFinlandEU	false
13.107.42.14	l-0005.l-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.16.71.105	scout-cdn.salesloft.com.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
34.251.122.33	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
104.18.16.5	js.qualified.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	appwebconnect.pages.dev	European Union	13335	CLOUDFLARENETUS	false
151.101.194.6	unknown	United States	54113	FASTLYUS	false
35.190.26.57	benchmark.1e100cdn.net	United States	15169	GOOGLEUS	false
146.75.120.157	platform.twitter.map.fastly.net	Sweden	30051	SCCGOVUS	false
172.66.0.201	unknown	United States	13335	CLOUDFLARENETUS	false
35.244.174.68	id.rlcdn.com	United States	15169	GOOGLEUS	false
88.221.110.227	unknown	European Union	20940	AKAMAI-ASN1EU	false
88.221.110.145	a1916.dscg2.akamai.net	European Union	20940	AKAMAI-ASN1EU	false
34.225.181.232	unknown	United States	14618	AMAZON-AESUS	false
104.21.64.1	unknown	United States	13335	CLOUDFLARENETUS	false
69.173.144.138	unknown	United States	26667	RUBICONPROJECTUS	false
64.233.184.157	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
18.232.222.207	partners-1864332697.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
151.101.2.6	prod.cedexis-ssl.map.fastly.net	United States	54113	FASTLYUS	false
52.30.140.240	cm.everesttech.net.akadns.net	United States	16509	AMAZON-02US	false
2.23.65.88	unknown	European Union	16625	AKAMAI-ASUS	false
52.213.175.23	unknown	United States	16509	AMAZON-02US	false
18.245.46.25	tag.demandbase.com	United States	16509	AMAZON-02US	false
104.16.79.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
18.66.102.85	unknown	United States	3	MIT-GATEWAYSUS	false
151.101.1.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
104.18.27.193	dsum-sec.casalemedia.com	United States	13335	CLOUDFLARENETUS	false
162.159.140.203	ptcfc.com	United States	13335	CLOUDFLARENETUS	false
3.210.93.41	scout.us1.salesloft.com	United States	14618	AMAZON-AESUS	false
104.244.42.67	s.twitter.com	United States	13414	TWITTERUS	false
104.18.26.193	unknown	United States	13335	CLOUDFLARENETUS	false
151.101.1.140	unknown	United States	54113	FASTLYUS	false
2.19.11.121	a798.dscd.akamai.net	European Union	719	ELISA-ASHelsinkiFinlandEU	false
104.18.17.5	ws6.qualified.com	United States	13335	CLOUDFLARENETUS	false
103.21.244.8	invalid.rpki.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
188.114.96.3	unknown	European Union	13335	CLOUDFLARENETUS	false
151.101.129.140	reddit.map.fastly.net	United States	54113	FASTLYUS	false
18.245.86.7	unknown	United States	16509	AMAZON-02US	false
104.16.123.96	ot.www.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.18.31.19	benchmarks.cdn.compute-pipe.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.7
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1615552
Start date and time:	2025-02-15 00:54:35 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 45s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://appwebconnect.pages.dev/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	7
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal64.phis.win@21/241@211/73
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 216.58.206.35, 142.250.186.110, 64.233.184.84, 142.250.186.174, 172.217.18.14, 172.217.23.110, 2.16.100.168, 2.23.77.188, 216.58.206.78, 142.250.186.168, 142.250.181.234, 142.250.186.74, 142.250.186.106, 142.250.184.234, 142.250.186.138, 142.250.185.74, 142.250.186.170, 142.250.185.234, 216.58.206.42, 172.217.18.10, 142.250.185.170, 142.250.185.106, 216.58.206.74, 142.250.185.138, 142.250.185.202, 142.250.184.202, 142.250.186.72, 142.250.185.136, 142.250.185.162, 2.19.11.101, 142.250.185.238, 142.250.186.130, 142.250.74.194, 172.217.16.206, 142.250.186.78, 92.123.12.14, 92.123.12.11, 2.20.245.32, 2.20.245.17, 142.250.184.206, 142.250.181.227, 2.19.106.160, 172.202.163.200, 13.107.246.45, 150.171.27.10
Excluded domains from analysis (whitelisted): a1851.dscw121.akamai.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, pagead2.googlesyndication.com, fe3cr.delivery.mp.microsoft.com, essl-cdxs.edgekey.net, clients2.google.com, ade.googlesyndication.com, ocsp.digicert.com, edgedl.me.gvt1.com, redirector.gvt1.com, www.googletagmanager.com, cedexis-test.akamaized.net, bat.bing.com, e31668.dsca.akamaiedge.net, update.googleapis.com, clients.l.google.com, www.google-analytics.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://appwebconnect.pages.dev/

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Feb 14 22:55:27 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9794892184019814
Encrypted:	false
SSDEEP:	48:8TLdpTxZtH1idAKZdA19ehwiZUklqehAy+3:8Tb/9/y
MD5:	E083EE5F716BB5E90D79AE1DE8D2BFB6
SHA1:	226DFA54F49C206E03F54C329850C4E4514685E5
SHA-256:	11DAD4906C432F300A2F85B785FD9F71F7F2A492C82701732C099AED0C11EA52
SHA-512:	A1995360ED4FAD1BE1057E8DF9D3196CB81C45A7DBE585E7CCEDC1DBFCF2F805ADA516EAE5498942D5107E2CB2618BF2E9E7E5A9D78EB5128315129C065814CE
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....A..;...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.INZ.....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNZ.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNZ.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNZ............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNZ............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........MW.p.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Source: https://appwebconnect.pages.dev/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://appwebconnect.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637	Avira URL Cloud: Label: phishing

Source: Yara match	File source: 1.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_172, type: DROPPED
Source: Yara match	File source: dropped/chromecache_224, type: DROPPED

Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://s.company-target.com/s/sync?exc=lr
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://s.company-target.com/s/sync?exc=lr
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://s.company-target.com/s/sync?exc=lr

Source: https://appwebconnect.pages.dev/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon

Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found

Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found

Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.5:49932 -> 162.159.140.229:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.5:49933 -> 104.244.42.67:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.5:49961 -> 104.18.27.193:443

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: chromecache_293.2.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-0f490f74-2327-4d5f-9393-4537d0323194%5C%22))%7D%22%2C%22order-id%22%3A%220f490f74-2327-4d5f-9393-4537d0323194%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-d6f8e0f1-22d4-4e13-adb3-d27932d231d4%5C%22))%7D%22%2C%22order-id%22%3A%22d6f8e0f1-22d4-4e13-adb3-d27932d231d4%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);}})(window,document)"],"f":[["https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1739577354663&pid=28851&conversionId=13043044",{"credentials":"include","keepalive":true,"mode":"no-cors"}],["https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1739577354663&uuid=4086d817-df3c-4e6a-962e-f259e3d651df&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280",{"mode":"no-cors","keepalive":true,"credentials":"include"}]]})})(window,document)}ca
Source: chromecache_293.2.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-0f490f74-2327-4d5f-9393-4537d0323194%5C%22))%7D%22%2C%22order-id%22%3A%220f490f74-2327-4d5f-9393-4537d0323194%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-d6f8e0f1-22d4-4e13-adb3-d27932d231d4%5C%22))%7D%22%2C%22order-id%22%3A%22d6f8e0f1-22d4-4e13-adb3-d27932d231d4%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);}})(window,document)"],"f":[["https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1739577354663&pid=28851&conversionId=13043044",{"credentials":"include","keepalive":true,"mode":"no-cors"}],["https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1739577354663&uuid=4086d817-df3c-4e6a-962e-f259e3d651df&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280",{"mode":"no-cors","keepalive":true,"credentials":"include"}]]})})(window,document)}ca
Source: chromecache_266.2.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-324d64ff-6e93-4414-998d-e1dc4192c199%5C%22))%7D%22%2C%22order-id%22%3A%22324d64ff-6e93-4414-998d-e1dc4192c199%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-67f20770-7d99-4279-88df-3c72f3171449%5C%22))%7D%22%2C%22order-id%22%3A%2267f20770-7d99-4279-88df-3c72f3171449%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{(function(w,d){;d.cookie=unescape('facebook-pixel_OwdI__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('facebook-pixel_VVgx__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('facebook-pixel_bHox__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('facebook-pixel_elKW__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('reddit_fZaD__reddit_uuid%3D%3B%20Domain%3Dcloudflare.c
Source: chromecache_266.2.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-324d64ff-6e93-4414-998d-e1dc4192c199%5C%22))%7D%22%2C%22order-id%22%3A%22324d64ff-6e93-4414-998d-e1dc4192c199%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-67f20770-7d99-4279-88df-3c72f3171449%5C%22))%7D%22%2C%22order-id%22%3A%2267f20770-7d99-4279-88df-3c72f3171449%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{(function(w,d){;d.cookie=unescape('facebook-pixel_OwdI__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('facebook-pixel_VVgx__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('facebook-pixel_bHox__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('facebook-pixel_elKW__fb-pixel%3D%3B%20Domain%3Dcloudflare.com%3B%20Path%3D/%3B%20Max-Age%3D0');d.cookie=unescape('reddit_fZaD__reddit_uuid%3D%3B%20Domain%3Dcloudflare.c
Source: chromecache_266.2.dr	String found in binary or memory: return fetch("https://www.cloudflare.com/static/z/t",{credentials:"include",method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(em)})})).then((function(ev){zarazData._let=(new Date).getTime();ev.ok\|\|el();return 204!==ev.status&&ev.json()})).then((async eu=>{await zaraz._p(eu);"function"==typeof ej&&ej()})).finally((()=>ek()))}))};zaraz.set=function(ew,ex,ey){try{ex=JSON.stringify(ex)}catch(ez){return}prefixedKey="_zaraz_"+ew;sessionStorage&&sessionStorage.removeItem(prefixedKey);localStorage&&localStorage.removeItem(prefixedKey);delete zaraz.pageVariables[ew];if(void 0!==ex){ey&&"session"==ey.scope?sessionStorage&&sessionStorage.setItem(prefixedKey,ex):ey&&"page"==ey.scope?zaraz.pageVariables[ew]=ex:localStorage&&localStorage.setItem(prefixedKey,ex);zaraz.__watchVar={key:ew,value:ex}}};for(const{m:eA,a:eB}of zarazData.q.filter((({m:eC})=>["debug","set"].includes(eC))))zaraz[eA](...eB);for(const{m:eD,a:eE}of zaraz.q)zaraz[eD](...eE);delete zaraz.q;delete zarazData.q;zaraz.spaPageview=()=>{zarazData.l=d.location.href;zarazData.t=d.title;zaraz.pageVariables={};zaraz.__zarazMCListeners={};zaraz.track("__zarazSPA")};zaraz.fulfilTrigger=function(dy,dz,dA,dB){zaraz.__zarazTriggerMap\|\|(zaraz.__zarazTriggerMap={});zaraz.__zarazTriggerMap[dy]\|\|(zaraz.__zarazTriggerMap[dy]="");zaraz.__zarazTriggerMap[dy]+=""+dz+"";zaraz.track("__zarazEmpty",{...dA,__zarazClientTriggers:zaraz.__zarazTriggerMap[dy]},dB)};zaraz._c=cZ=>{const{event:c$,...da}=cZ;zaraz.track(c$,{...da,__zarazClientEvent:!0})};zaraz._syncedAttributes=["altKey","clientX","clientY","pageX","pageY","button"];zaraz.__zcl.track=!0;zaraz._p({"e":["(function(w,d){(function(){if(\"function\"!=typeof zaraz._timeout){zaraz._timeouts=[];zaraz._timeout=(dU,dV,dW,dX)=>{dW=parseInt(dW,10);dX=parseInt(dX,10);if(0==dW)return;const dY=setTimeout((function(){zaraz.fulfilTrigger(dU,dV);zaraz._timeout(dU,dV,--dW,dX)}),dX);zaraz._timeouts.push(dY)}}zaraz._timeout(\"IFsU\",\"BKpn\",\"1\",\"30000\");})();(function(){const dJ=\"25%,50%,75%,100%\",dK=[];for(let dM=0;dM<dJ.split(\",\").length;dM+=1){const dN=dJ.split(\",\")[dM].trim().match(/^([0-9]{1,999999999})(px\|%)?$/);dN&&dN[1]&&dK.push([parseInt(dN[1],10),dN[2]\|\|\"%\"])}let dL=()=>{const dO=d.scrollingElement\|\|d.documentElement,dP=dO.scrollHeight-dO.clientHeight,dQ=dO.scrollTop/dP*100;for(let dR=0;dR<dK.length;dR+=1)if(dK[dR]){const[dS,dT]=dK[dR];if(\"%\"===dT&&dQ>=dS\|\|\"px\"===dT&&dO.scrollTop>=dS){delete dK[dR];zaraz.fulfilTrigger(\"zDVF\",\"Frnx\",{scrollDepth:dS+dT})}}};w.zaraz._al(d,\"scroll\",dL);w.zaraz._al(w,\"resize\",dL);dL();})();;w.zarazData.executed.push(\"Pageview\");})(window,document)","(function(w,d){{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function(d,b,a,s,e){ var t = b.createElement(a), \n fs = b.getElementsByTagName(a)[0]; t.async=1; t.id=e; t.src=s; \n fs.parentNode.insertBefore(t, fs); })\n(window,document,'script','https://tag.demandbase.com/1be41a80498a5b73.m
Source: chromecache_217.2.dr, chromecache_200.2.dr, chromecache_278.2.dr, chromecache_262.2.dr, chromecache_276.2.dr, chromecache_271.2.dr	String found in binary or memory: return f}OF.F="internal.enableAutoEventOnTimer";var Yb=wa(["data-gtm-yt-inspected-"]),QF=["www.youtube.com","www.youtube-nocookie.com"],RF,SF=!1; equals www.youtube.com (Youtube)
Source: chromecache_200.2.dr, chromecache_276.2.dr	String found in binary or memory: var cF=function(a,b,c,d,e){var f=PC("fsl",c?"nv.mwt":"mwt",0),g;g=c?PC("fsl","nv.ids",[]):PC("fsl","ids",[]);if(!g.length)return!0;var k=UC(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);U(121);if(m==="https://www.facebook.com/tr/")return U(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!AB(k,CB(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: appwebconnect.pages.dev
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: cf-assets.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: performance.radar.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ot.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: invalid.rpki.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.logr-ingest.com
Source: global traffic	DNS traffic detected: DNS query: valid.rpki.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic	DNS traffic detected: DNS query: api.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: benchmark.1e100cdn.net
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: p29.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: di.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: tag.demandbase.com
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: scout-cdn.salesloft.com
Source: global traffic	DNS traffic detected: DNS query: static.ads-twitter.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: alb.reddit.com
Source: global traffic	DNS traffic detected: DNS query: js.qualified.com
Source: global traffic	DNS traffic detected: DNS query: munchkin.marketo.net
Source: global traffic	DNS traffic detected: DNS query: adobedc.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cloudflareinc.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cdn.bizible.com
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: scout.salesloft.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: api.company-target.com
Source: global traffic	DNS traffic detected: DNS query: s.company-target.com
Source: global traffic	DNS traffic detected: DNS query: id.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: t.co
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: r.logr-ingest.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: tag-logger.demandbase.com
Source: global traffic	DNS traffic detected: DNS query: ws6.qualified.com
Source: global traffic	DNS traffic detected: DNS query: app.qualified.com
Source: global traffic	DNS traffic detected: DNS query: cdn.bizibly.com
Source: global traffic	DNS traffic detected: DNS query: fastly.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: dsum-sec.casalemedia.com
Source: global traffic	DNS traffic detected: DNS query: partners.tremorhub.com
Source: global traffic	DNS traffic detected: DNS query: pixel.rubiconproject.com
Source: global traffic	DNS traffic detected: DNS query: 713-xsc-918.mktoresp.com
Source: global traffic	DNS traffic detected: DNS query: benchmarks.cdn.compute-pipe.com
Source: global traffic	DNS traffic detected: DNS query: edge.adobedc.net
Source: global traffic	DNS traffic detected: DNS query: p16999.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: segments.company-target.com
Source: global traffic	DNS traffic detected: DNS query: p36.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: jsdelivr.b-cdn.net
Source: global traffic	DNS traffic detected: DNS query: ptcfc.com
Source: global traffic	DNS traffic detected: DNS query: fastly.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: testingcf.jsdelivr.net

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:33 UTC	666	OUT	GET / HTTP/1.1 Host: appwebconnect.pages.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:33 UTC	572	IN	HTTP/1.1 403 Forbidden Date: Fri, 14 Feb 2025 23:55:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4jeU0q7BkB3Yn4wB5HwYRftgHpBf3yDzZZA6b0yVSSn1OiyLJfBs%2F0W3tiz3s3WfG3IB8wAcoh6KKxV%2FzuZq9BM%2BlZ3rpmW27vLYChLxTDVIOmse2bgS74tGjgK%2Ff7Kl9guTL%2BpR6c17g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9120fd5d8eeb430d-EWR
2025-02-14 23:55:33 UTC	797	IN	Data Raw: 66 66 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 Data Ascii: fff<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if g
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 65 66 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e Data Ascii: ef="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 30 34 30 34 30 3b 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 20 62 6f 72 64 65 72 3a 20 30 3b 22 3e 4c 65 61 72 6e 20 4d 6f 72 65 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f Data Ascii: <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="background-color: #404040; color: #fff; border: 0;">Learn More</a> </
2025-02-14 23:55:33 UTC	567	IN	Data Raw: 69 70 74 3e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 64 28 29 7b 76 61 72 20 62 3d 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 2d 69 70 22 29 2c 63 3d 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 66 2d 66 6f 6f 74 65 72 2d 69 70 2d 72 65 76 65 61 6c 22 29 3b 62 26 26 22 63 6c 61 73 73 4c 69 73 74 22 69 6e 20 62 26 26 28 62 2e 63 6c 61 73 73 4c 69 73 74 2e 72 65 6d 6f 76 65 28 22 68 69 64 64 65 6e 22 29 2c 63 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 63 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 22 68 69 64 64 65 6e 22 29 3b 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 66 2d 66 6f 6f 74 65 Data Ascii: ipt>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c.classList.add("hidden");a.getElementById("cf-foote
2025-02-14 23:55:33 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:33 UTC	573	OUT	GET /cdn-cgi/styles/cf.errors.css HTTP/1.1 Host: appwebconnect.pages.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://appwebconnect.pages.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:33 UTC	411	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:33 GMT Content-Type: text/css Content-Length: 24051 Connection: close Last-Modified: Tue, 11 Feb 2025 12:48:48 GMT ETag: "67ab4730-5df3" Server: cloudflare CF-RAY: 9120fd5ecdb91831-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sat, 15 Feb 2025 01:55:33 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2025-02-14 23:55:33 UTC	958	IN	Data Raw: 23 63 66 2d 77 72 61 70 70 65 72 20 61 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 62 62 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 72 74 69 63 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 73 69 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 69 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 6e 76 61 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 70 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 65 6e 74 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 69 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 6f 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 64 64 2c 23 63 66 2d 77 72 61 70 70 Data Ascii: #cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapp
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 6d 6d 61 72 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 61 62 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 66 6f 6f 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 68 65 61 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 6c 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f Data Ascii: e,#cf-wrapper strong,#cf-wrapper sub,#cf-wrapper summary,#cf-wrapper sup,#cf-wrapper table,#cf-wrapper tbody,#cf-wrapper td,#cf-wrapper tfoot,#cf-wrapper th,#cf-wrapper thead,#cf-wrapper tr,#cf-wrapper tt,#cf-wrapper u,#cf-wrapper ul{margin:0;padding:0;bo
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 31 2e 35 21 69 6d 70 6f 72 74 61 6e 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 6e 6f 72 6d 61 6c 3b 2d 77 65 62 6b 69 74 2d 74 61 70 2d 68 69 67 68 6c 69 67 68 74 2d 63 6f 6c 6f 72 3a 72 67 62 61 28 32 34 36 2c 31 33 39 2c 33 31 2c 2e 33 29 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 73 65 63 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 63 74 69 6f 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 20 30 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 32 65 6d 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 65 6d Data Ascii: 1.5!important;text-decoration:none!important;letter-spacing:normal;-webkit-tap-highlight-color:rgba(246,139,31,.3);-webkit-font-smoothing:antialiased}#cf-wrapper .cf-section,#cf-wrapper section{background:0 0;display:block;margin-bottom:2em;margin-top:2em
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 74 77 6f 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 32 6e 29 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 32 2e 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 32 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 Data Ascii: ld(2n),#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.four>.cf-column:nth-child(2n),#cf-wrapper .cf-columns.two>.cf-column:nth-child(2n){padding-left:22.5px;padding-right:0}#cf-wrapper .cf-columns.cols-2>.cf-column:nth-chi
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 6f 64 64 29 7b 63 6c 65 61 72 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 34 6e 2b 31 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 Data Ascii: ),#cf-wrapper .cf-columns.four>.cf-column:nth-child(odd){clear:none}#cf-wrapper .cf-columns.cols-4>.cf-column:first-child,#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(4n+1),#cf-wrapper .cf-columns.four>.cf-column:first-child,#cf-wrapper .cf-columns
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 30 3b 70 61 64 64 69 6e 67 3a 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 74 72 6f 6e 67 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 36 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 31 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 7d 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 30 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 33 7d 23 63 66 2d 77 72 61 70 70 65 Data Ascii: 0;padding:0}#cf-wrapper h1,#cf-wrapper h2,#cf-wrapper h3{font-weight:400}#cf-wrapper h4,#cf-wrapper h5,#cf-wrapper h6,#cf-wrapper strong{font-weight:600}#cf-wrapper h1{font-size:36px;line-height:1.2}#cf-wrapper h2{font-size:30px;line-height:1.3}#cf-wrappe
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 68 32 2b 68 34 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 32 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 35 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 68 36 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 33 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 34 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 6f 6c 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 35 2b 75 6c 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2e 35 65 6d 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 3b 63 6f 6c Data Ascii: h2+h4,#cf-wrapper h2+h5,#cf-wrapper h2+h6,#cf-wrapper h3+h5,#cf-wrapper h3+h6,#cf-wrapper h3+p,#cf-wrapper h4+p,#cf-wrapper h5+ol,#cf-wrapper h5+p,#cf-wrapper h5+ul{margin-top:.5em}#cf-wrapper .cf-btn{background-color:transparent;border:1px solid #999;col
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 3a 23 36 32 61 31 64 38 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 31 36 33 39 35 39 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 69 6d 70 6f 72 74 61 6e 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 64 32 34 32 36 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 3a 68 6f 76 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 3a 68 6f 76 65 72 2c 23 Data Ascii: :#62a1d8;border:1px solid #163959;color:#fff}#cf-wrapper .cf-btn-danger,#cf-wrapper .cf-btn-error,#cf-wrapper .cf-btn-important{background-color:#bd2426;border-color:transparent;color:#fff}#cf-wrapper .cf-btn-danger:hover,#cf-wrapper .cf-btn-error:hover,#
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 61 63 65 3a 6e 6f 77 72 61 70 7d 23 63 66 2d 77 72 61 70 70 65 72 20 69 6e 70 75 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 6c 65 63 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 65 78 74 61 72 65 61 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 39 39 39 21 69 6d 70 6f 72 74 61 6e 74 3b 63 6f 6c 6f 72 3a 23 34 30 34 30 34 30 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 2e 38 36 36 36 37 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 32 34 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 3a 30 20 30 20 31 65 6d 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 21 69 6d 70 6f 72 74 61 6e Data Ascii: ace:nowrap}#cf-wrapper input,#cf-wrapper select,#cf-wrapper textarea{background:#fff!important;border:1px solid #999!important;color:#404040!important;font-size:.86667em!important;line-height:1.24!important;margin:0 0 1em!important;max-width:100%!importan
2025-02-14 23:55:33 UTC	1369	IN	Data Raw: 3a 23 34 30 34 30 34 30 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 33 70 78 3b 70 61 64 64 69 6e 67 3a 37 2e 35 70 78 20 31 35 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 3a 65 6d 70 74 79 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 20 2e 63 66 2d 63 6c 6f 73 65 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 38 2e 37 35 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 70 61 64 64 69 6e Data Ascii: :#404040;font-size:13px;padding:7.5px 15px;position:relative;vertical-align:middle;border-radius:2px}#cf-wrapper .cf-alert:empty{display:none}#cf-wrapper .cf-alert .cf-close{border:1px solid transparent;color:inherit;font-size:18.75px;line-height:1;paddin

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:33 UTC	562	OUT	OPTIONS /report/v4?s=H4jeU0q7BkB3Yn4wB5HwYRftgHpBf3yDzZZA6b0yVSSn1OiyLJfBs%2F0W3tiz3s3WfG3IB8wAcoh6KKxV%2FzuZq9BM%2BlZ3rpmW27vLYChLxTDVIOmse2bgS74tGjgK%2Ff7Kl9guTL%2BpR6c17g%3D%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://appwebconnect.pages.dev Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:34 UTC	336	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-max-age: 86400 access-control-allow-methods: OPTIONS, POST access-control-allow-origin: * access-control-allow-headers: content-type, content-length date: Fri, 14 Feb 2025 23:55:33 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:34 UTC	496	OUT	POST /report/v4?s=H4jeU0q7BkB3Yn4wB5HwYRftgHpBf3yDzZZA6b0yVSSn1OiyLJfBs%2F0W3tiz3s3WfG3IB8wAcoh6KKxV%2FzuZq9BM%2BlZ3rpmW27vLYChLxTDVIOmse2bgS74tGjgK%2Ff7Kl9guTL%2BpR6c17g%3D%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 393 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:34 UTC	393	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 31 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 37 35 38 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 38 38 2e 31 31 34 2e 39 37 2e 33 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 61 70 70 77 65 62 63 6f 6e 6e 65 63 74 2e 70 61 Data Ascii: [{"age":1,"body":{"elapsed_time":1758,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"188.114.97.3","status_code":403,"type":"http.error"},"type":"network-error","url":"https://appwebconnect.pa
2025-02-14 23:55:34 UTC	168	IN	HTTP/1.1 200 OK Content-Length: 0 date: Fri, 14 Feb 2025 23:55:34 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:34 UTC	665	OUT	GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1 Host: appwebconnect.pages.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://appwebconnect.pages.dev/cdn-cgi/styles/cf.errors.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:35 UTC	409	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:35 GMT Content-Type: image/png Content-Length: 452 Connection: close Last-Modified: Tue, 11 Feb 2025 12:48:48 GMT ETag: "67ab4730-1c4" Server: cloudflare CF-RAY: 9120fd67ffa943d7-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sat, 15 Feb 2025 01:55:35 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2025-02-14 23:55:35 UTC	452	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65 Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~\|:t5mfpi/e%%nPe

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:36 UTC	393	OUT	GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1 Host: appwebconnect.pages.dev Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:36 UTC	409	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:36 GMT Content-Type: image/png Content-Length: 452 Connection: close Last-Modified: Tue, 11 Feb 2025 12:48:48 GMT ETag: "67ab4730-1c4" Server: cloudflare CF-RAY: 9120fd6f08d58c8a-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sat, 15 Feb 2025 01:55:36 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2025-02-14 23:55:36 UTC	452	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65 Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~\|:t5mfpi/e%%nPe

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:36 UTC	602	OUT	GET /favicon.ico HTTP/1.1 Host: appwebconnect.pages.dev Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://appwebconnect.pages.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:36 UTC	570	IN	HTTP/1.1 403 Forbidden Date: Fri, 14 Feb 2025 23:55:36 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGhPVZ1E7l58QLRbEdk9kb6Jc4ZM6khr9z93IfalcupryO1apJD3X%2B%2F4TIpUnbCZZcIVs4%2FQhA0VcDY4Pi5Dmk43Tg9vw%2BDz7SgOfVj0wKTshr2Su1aQ52oH7nUj7JDDsc3CDc9jxgvEnw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9120fd6f0cc978e8-EWR
2025-02-14 23:55:36 UTC	799	IN	Data Raw: 66 66 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 67 Data Ascii: fff<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if g
2025-02-14 23:55:36 UTC	1369	IN	Data Raw: 3d 22 2f 63 64 6e 2d 63 67 69 2f 73 74 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 Data Ascii: ="/cdn-cgi/styles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.ge
2025-02-14 23:55:36 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 30 34 30 34 30 3b 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 20 62 6f 72 64 65 72 3a 20 30 3b 22 3e 4c 65 61 72 6e 20 4d 6f 72 65 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 70 3e Data Ascii: <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="background-color: #404040; color: #fff; border: 0;">Learn More</a> </p>
2025-02-14 23:55:36 UTC	565	IN	Data Raw: 74 3e 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 64 28 29 7b 76 61 72 20 62 3d 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 2d 69 70 22 29 2c 63 3d 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 66 2d 66 6f 6f 74 65 72 2d 69 70 2d 72 65 76 65 61 6c 22 29 3b 62 26 26 22 63 6c 61 73 73 4c 69 73 74 22 69 6e 20 62 26 26 28 62 2e 63 6c 61 73 73 4c 69 73 74 2e 72 65 6d 6f 76 65 28 22 68 69 64 64 65 6e 22 29 2c 63 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 63 6c 69 63 6b 22 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 63 2e 63 6c 61 73 73 4c 69 73 74 2e 61 64 64 28 22 68 69 64 64 65 6e 22 29 3b 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 63 66 2d 66 6f 6f 74 65 72 2d Data Ascii: t>(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c.classList.add("hidden");a.getElementById("cf-footer-
2025-02-14 23:55:36 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:47 UTC	753	OUT	GET /learning/access-management/phishing-attack/ HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://appwebconnect.pages.dev/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:48 UTC	1216	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:48 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: public, max-age=0, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US x-RM: GW X-XSS-Protection: 1; mode=block Set-Cookie: __cf_bm=FGhWv14D3CnzXQl0jk92tYa9t9pH1pu7jvmh8JWpPQk-1739577348-1.0.1.1-3FZ3Ny_vz1nmQQK5bok6fOiiks39OjlDW2uLSWAn9bqhqkqJRUwXbe7IpNvEDcuruzPtKwywIWBu50HaNG8e1vqMNxOxJOVPtwUEvsdyic8; path=/; expires=Sat, 15-Feb-25 00:25:48 GMT; domain=.www.cloudflare.com; HttpOnly; Secure; SameSite=None Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KcVND5%2B6l0Y0oM2MOwFan3J75R9YL9ofhJqMIYVs8kl9nhvBVm6NOSJ2vHb7TnAigvx2oqJwpHlzscjl7YB4p8KFGdcD3RSNNTZcCkZTAq6tz5ptHuqkGvd8lzuK1psMJxcgeg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9120fdb88edb4322-EWR alt-svc: h3=":443"; ma=86400
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 37 66 66 32 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 3e 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 72 65 64 77 6f 6f 64 3d 7b 22 63 6f 6e 73 65 6e 74 47 72 6f 75 70 73 22 3a 7b 22 43 30 30 30 31 22 3a 74 72 75 65 2c 22 43 30 30 30 32 22 3a 74 72 75 65 2c 22 43 30 30 30 33 22 3a 74 72 75 65 2c 22 43 30 30 30 34 22 3a 74 72 75 65 7d 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 63 6f 6c 6f 22 3a 22 45 57 52 22 2c 22 75 73 65 72 22 3a 6e 75 6c 6c 2c 22 72 76 31 22 3a 22 75 6f 69 22 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 55 53 22 7d 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a Data Ascii: 7ff2<!DOCTYPE html><html lang="en-us"><head><script>window.redwood={"consentGroups":{"C0001":true,"C0002":true,"C0003":true,"C0004":true},"country":"US","colo":"EWR","user":null,"rv1":"uoi","locale":"en-US"}</script> <script type="text/javascript">
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 3d 3d 20 27 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2d 63 6e 2e 63 6f 6d 27 29 20 7b 0a 20 20 20 20 20 20 69 66 20 28 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 27 6c 61 6e 67 50 72 65 66 65 72 65 6e 63 65 27 29 29 20 7b 0a 20 20 20 20 20 20 20 20 69 66 20 28 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 27 6c 61 6e 67 50 72 65 66 65 72 65 6e 63 65 27 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 20 21 3d 20 27 65 6e 2d 75 73 27 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 6c 61 6e 67 50 72 65 66 65 72 65 6e 63 65 20 3d 20 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 27 6c 61 6e 67 50 72 65 66 65 72 65 6e 63 65 27 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 0a 20 20 20 20 20 Data Ascii: == 'www.cloudflare-cn.com') { if (localStorage.getItem('langPreference')) { if (localStorage.getItem('langPreference').toLowerCase() != 'en-us') { const langPreference = localStorage.getItem('langPreference').toLowerCase();
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 68 61 6e 73 2d 63 6e 2c 20 73 77 69 74 63 68 20 74 6f 20 7a 68 2d 63 6e 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 72 65 64 69 72 65 63 74 50 61 74 68 20 3d 20 67 65 74 50 61 74 68 46 72 6f 6d 4c 6f 63 61 6c 65 28 6d 61 79 62 65 4c 6f 63 61 6c 65 2c 20 72 65 71 75 65 73 74 65 64 4c 61 6e 67 43 6f 64 65 2c 20 73 70 6c 69 74 50 61 74 68 53 74 72 69 6e 67 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 72 65 64 69 72 65 63 74 50 61 74 68 20 26 26 20 21 69 67 6e 6f 72 65 4c 69 73 74 2e 69 6e 63 6c 75 64 65 73 28 6d 61 79 62 65 4c 6f 63 61 6c 65 29 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 73 3a 2f 2f 27 20 2b 20 77 69 6e 64 6f 77 2e 6c 6f Data Ascii: hans-cn, switch to zh-cn const redirectPath = getPathFromLocale(maybeLocale, requestedLangCode, splitPathString); if (redirectPath && !ignoreList.includes(maybeLocale)) { window.location.replace('https://' + window.lo
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 43 66 75 4e 42 74 79 77 69 73 69 32 78 66 42 50 56 70 2f 64 35 34 61 38 34 39 34 39 30 39 31 61 65 64 32 31 35 36 30 30 62 34 32 62 62 34 37 65 64 33 65 2f 73 65 63 75 72 69 74 79 2d 6c 63 2e 70 6e 67 22 20 64 61 74 61 2d 67 61 74 73 62 79 2d 68 65 61 64 3d 22 74 72 75 65 22 2f 3e 3c 6d 65 74 61 20 69 64 3d 22 74 77 69 74 74 65 72 2d 64 65 73 63 72 69 70 74 69 6f 6e 22 20 6e 61 6d 65 3d 22 74 77 69 74 74 65 72 3a 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 50 68 69 73 68 69 6e 67 20 61 74 74 61 63 6b 73 20 69 6e 76 6f 6c 76 65 64 20 74 72 69 63 6b 69 6e 67 20 61 20 76 69 63 74 69 6d 20 69 6e 74 6f 20 74 61 6b 69 6e 67 20 73 6f 6d 65 20 61 63 74 69 6f 6e 20 74 68 61 74 20 62 65 6e 65 66 69 74 73 20 74 68 65 20 61 74 74 61 63 6b 65 72 Data Ascii: CfuNBtywisi2xfBPVp/d54a84949091aed215600b42bb47ed3e/security-lc.png" data-gatsby-head="true"/><meta id="twitter-description" name="twitter:description" content="Phishing attacks involved tricking a victim into taking some action that benefits the attacker
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 20 70 3a 6c 61 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 7d 2e 72 69 63 68 2d 74 65 78 74 2d 72 65 6e 64 65 72 65 72 20 74 61 62 6c 65 20 74 68 20 73 70 61 6e 2e 66 77 37 7b 63 6f 6c 6f 72 3a 23 66 36 33 7d 2e 72 69 63 68 2d 74 65 78 74 2d 72 65 6e 64 65 72 65 72 20 74 61 62 6c 65 20 74 64 20 70 2e 62 6c 61 63 6b 2e 66 33 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 3b 70 61 64 64 69 6e 67 3a 32 65 6d 20 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 30 30 30 70 78 29 7b 2e 73 74 69 63 6b 79 2d 72 69 63 68 2d 74 65 78 74 2d 72 65 6e 64 65 72 65 72 7b 6d 61 78 2d 68 65 69 67 68 74 3a 37 30 30 70 78 3b 6f 76 65 72 66 6c 6f 77 2d 79 3a 73 63 72 6f 6c 6c 3b 70 6f 73 69 74 69 6f Data Ascii: p:last-child{margin-bottom:0}.rich-text-renderer table th span.fw7{color:#f63}.rich-text-renderer table td p.black.f3{margin-bottom:0;padding:2em 0}@media screen and (min-width:1000px){.sticky-rich-text-renderer{max-height:700px;overflow-y:scroll;positio
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 65 78 74 7b 70 61 64 64 69 6e 67 3a 32 35 70 78 7d 2e 66 65 61 74 75 72 65 2d 63 61 72 64 20 2e 6f 6c 2d 74 65 78 74 5f 5f 73 75 70 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 32 72 65 6d 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 35 70 78 7d 2e 66 65 61 74 75 72 65 2d 63 61 72 64 20 2e 6f 6c 2d 74 65 78 74 5f 5f 74 65 78 74 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 2e 35 72 65 6d 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 32 2e 34 72 65 6d 7d 7d 2e 65 6c 65 6d 65 6e 74 2d 72 65 73 6f 75 72 63 65 2d 63 61 72 64 2d 73 68 61 64 6f 77 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 34 70 78 20 31 30 70 78 20 23 30 30 30 30 30 30 31 66 7d 2e 65 6c 65 6d 65 6e 74 2d 72 65 73 6f 75 72 63 65 2d 63 61 72 64 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a Data Ascii: ext{padding:25px}.feature-card .ol-text__sup{font-size:1.2rem;margin-bottom:15px}.feature-card .ol-text__text{font-size:2.5rem;line-height:2.4rem}}.element-resource-card-shadow{box-shadow:0 4px 10px #0000001f}.element-resource-card{height:100%;min-height:
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 3a 31 30 30 31 70 78 29 7b 2e 62 6c 61 64 65 2d 63 61 72 64 2d 63 61 72 6f 75 73 65 6c 2d 77 72 61 70 70 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 61 75 74 6f 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 30 30 30 70 78 29 7b 2e 62 6c 61 64 65 2d 63 61 72 64 2d 63 61 72 6f 75 73 65 6c 2d 77 72 61 70 70 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 73 69 7a 65 3a 63 6f 76 65 72 7d 7d 2e 62 6c 61 64 65 2d 63 61 72 64 2d 63 61 72 6f 75 73 65 6c 2d 77 72 61 70 70 65 72 20 2e 73 6c 69 64 65 7b 6d 61 72 67 69 6e 3a 32 34 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 35 30 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 31 70 78 29 7b 2e 62 6c 61 64 65 2d 63 61 72 64 Data Ascii: :1001px){.blade-card-carousel-wrapper{background-size:auto}}@media (min-width:1000px){.blade-card-carousel-wrapper{background-size:cover}}.blade-card-carousel-wrapper .slide{margin:24px!important}@media (min-width:750px) and (max-width:1001px){.blade-card
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 63 6f 6c 75 6d 6e 3b 66 6c 65 78 2d 77 72 61 70 3a 6e 6f 77 72 61 70 3b 6f 72 64 65 72 3a 31 7d 2e 62 6c 61 64 65 2d 66 75 6c 6c 2d 77 69 64 74 68 2d 68 65 72 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 2e 66 65 61 74 75 72 65 73 2d 77 72 61 70 70 65 72 3e 64 69 76 7b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 34 38 70 78 7d 2e 62 6c 61 64 65 2d 66 75 6c 6c 2d 77 69 64 74 68 2d 68 65 72 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 2e 66 65 61 74 75 72 65 73 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 2d 72 65 76 65 72 73 65 3b 6d 61 72 67 69 6e Data Ascii: column;flex-wrap:nowrap;order:1}.blade-full-width-hero-background-image-wrapper .features-wrapper>div{max-width:none;padding-top:48px}.blade-full-width-hero-background-image-wrapper .features-image-wrapper{display:flex;flex-direction:column-reverse;margin
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 67 68 74 3a 36 30 30 7d 2e 74 61 62 2d 61 72 72 6f 77 7b 63 6f 6c 6f 72 3a 23 66 36 33 3b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 68 65 72 6f 2d 73 65 63 74 69 6f 6e 2d 74 6f 70 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 36 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 34 30 30 70 78 7d 2e 68 65 72 6f 2d 73 65 63 74 69 6f 6e 2d 74 6f 70 20 2e 72 6f 77 7b 6d 61 78 2d 68 65 69 67 68 74 3a 34 30 30 70 78 7d 2e 68 65 72 6f 2d 6d 65 64 69 61 7b 68 65 69 67 68 74 3a 33 30 38 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 68 65 72 6f 2d 6d 65 64 69 61 20 69 6d 67 2c 2e 68 65 72 6f 2d 6d 65 64 69 61 20 76 69 64 65 6f 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 68 65 72 Data Ascii: ght:600}.tab-arrow{color:#f63;float:left}.hero-section-top{margin-bottom:60px;min-height:400px}.hero-section-top .row{max-height:400px}.hero-media{height:308px;overflow:hidden;position:relative}.hero-media img,.hero-media video{height:100%;width:100%}.her
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 69 6e 69 74 69 61 6c 21 69 6d 70 6f 72 74 61 6e 74 3b 63 6f 6c 6f 72 3a 23 66 36 33 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 35 30 30 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 32 34 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 30 30 30 70 78 29 7b 2e 68 65 72 6f 2d 70 72 6f 6d 6f 74 69 6f 6e 61 6c 2d 62 61 6e 6e 65 72 2d 77 72 61 70 70 65 72 20 2e 6c 65 61 72 6e 2d 6d 6f 72 65 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 34 70 78 7d 7d 2e 68 65 72 6f 2d 70 72 6f 6d 6f 74 69 6f 6e 61 6c 2d 62 61 6e 6e 65 72 2d 77 72 61 70 70 65 72 20 2e 6c 65 61 72 6e 2d 6d 6f 72 65 Data Ascii: ground-color:initial!important;color:#f63!important;font-weight:500!important;margin-right:24px;padding-right:0!important}@media (min-width:1000px){.hero-promotional-banner-wrapper .learn-more{margin-left:24px}}.hero-promotional-banner-wrapper .learn-more

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:48 UTC	885	OUT	GET /img/learning/security/threats/phishing-attack/diagram-phishing-attack.png HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=FGhWv14D3CnzXQl0jk92tYa9t9pH1pu7jvmh8JWpPQk-1739577348-1.0.1.1-3FZ3Ny_vz1nmQQK5bok6fOiiks39OjlDW2uLSWAn9bqhqkqJRUwXbe7IpNvEDcuruzPtKwywIWBu50HaNG8e1vqMNxOxJOVPtwUEvsdyic8
2025-02-14 23:55:48 UTC	918	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:48 GMT Content-Type: image/webp Content-Length: 28858 Connection: close Accept-Ranges: bytes ETag: "f881ce0909c7585c5f12986f7499f9db" Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US X-XSS-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FzEUpX51u0ez%2FsiSpYac2Edc84fH%2BY7P00%2Bud8FWUZboyD1xJE1qCc%2Fq0P9G2C%2Bbic4V2spehdhu5w7nBe%2BoKWPZSBqlycWp%2BaIHaUBsEJ2NfyyjG5SQ%2BWaR7dhSHqzowbzrg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9120fdbc1ee872b7-EWR alt-svc: h3=":443"; ma=86400
2025-02-14 23:55:48 UTC	451	IN	Data Raw: 52 49 46 46 b2 70 00 00 57 45 42 50 56 50 38 4c a6 70 00 00 2f 72 c8 19 11 8f e4 2a b6 6d a7 59 08 c2 08 fe 55 f0 0f 29 b7 a5 c7 02 83 b6 91 1c f9 3b e0 27 f8 58 1e c5 b5 dd 65 dc b6 6d 20 76 8f bb 71 6e ff 61 ee 95 b6 4e dc d6 da f6 24 0f 39 c3 47 49 cd 00 8e a7 9d b5 f3 b8 88 0b e4 58 92 73 4a 30 35 1b 0a e4 7f 3a e7 1d 63 fb 5d 43 57 c0 35 e7 4d 3b 87 8a 7b ae d9 21 2e c8 f1 c0 03 39 72 e4 c8 66 1b 6c e8 68 ee 63 53 75 97 49 da 62 11 f3 50 19 72 85 8a 4b 45 a8 15 ec 4d 2d e4 ba 54 84 5a a1 a3 89 da 2c b1 e8 6c 72 85 ce 66 8e 90 6d 18 43 d9 f4 80 42 cc 83 c2 7d 1e 8e fe 13 73 ff 3b 3b b9 f5 62 6a 4e 31 ce fe de 37 58 51 61 45 89 05 13 7a cc a8 31 a1 c1 88 16 03 56 0c e8 d1 a3 c3 80 16 23 1a 4c a8 31 63 41 8b 05 25 56 14 d8 8e 77 1d f6 f8 6d d8 b0 21 10 Data Ascii: RIFFpWEBPVP8Lp/r*mYU);'Xem vqnaN$9GIXsJ05:c]CW5M;{!.9rflhcSuIbPrKEM-TZ,lrfmCB}s;;bjN17XQaEz1V#L1cA%Vwm!
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 49 93 2f 02 28 82 2a f8 32 95 6f bd 8c c6 ff ff e5 38 ad 1e f6 7d 2b 69 b9 cf be d0 d0 86 10 6e 09 a1 97 d0 a4 21 e4 d9 ea da be f5 f8 e2 49 31 e2 da c4 35 d7 72 d3 24 0d b4 21 0b 49 cb 2b 84 2c 24 2f f2 2f 8f ce f9 fd 7e e7 a7 23 cd 48 d6 98 d1 e8 8c 74 a4 91 ac 88 fe 53 a0 6d ab 6e 1b 1d a4 ca fa fa c1 4c 23 02 88 87 9e 64 ab cb 92 6d bb 8d 24 49 0b e9 15 a9 a9 d6 62 54 bd 94 1e 75 6f 39 ab 9d 7c 00 69 74 02 04 1d 55 ed 5e e1 e6 91 22 22 fa 4f 01 92 24 41 6d 54 87 8c 40 c8 b1 b3 67 fd a1 59 d8 86 86 81 0f 6f b7 6d 67 a9 ad 6d db 7f 67 4f 44 99 ea 82 bf 6c c6 e8 19 30 59 e5 e0 d8 af 29 f4 48 82 51 88 e8 3f 25 48 92 24 49 91 55 cf 3d 80 65 b2 87 4b 0d 95 91 1d cd 7c 76 6d c7 e1 5e f8 4f fa 4f fa 4f fa 4f fa 4f fa cf 0b ff b9 39 c4 1f 66 ec 07 a1 c2 9f ac Data Ascii: I/(*2o8}+in!I15r$!I+,$//~#HtSmnL#dm$IbTuo9\|itU^""O$AmT@gYomgmgODl0Y)HQ?%H$IU=eK\|vm^OOOOO9f
2025-02-14 23:55:48 UTC	1255	IN	Data Raw: cc c5 a1 09 ae 1c 15 69 c1 a0 48 29 dc 2b e7 59 40 9f 6e a7 00 d5 a3 ab 1c 3b e3 94 3d 96 72 8a 10 eb 8e 10 4f 70 72 21 12 63 0c da 94 51 27 37 28 26 15 97 91 a4 2e 45 b1 5b 63 94 27 3b 76 06 6e 1c 29 45 70 86 a8 88 2b c8 58 3a 8d e0 77 35 df 3c 1e a0 4f 45 dc e2 58 d2 7f 5e f8 4f fa 4f fa 4f fa 4f fa 8f 2e fd 1f 5f cd ff f8 e3 c9 b4 1a b2 9d 72 be fd 9a 05 47 53 57 43 b3 74 6f ce 88 e3 87 62 38 96 ea c3 59 71 fc 32 1d 8a ed 03 e7 c6 31 de b2 32 1c fa 1f f5 f3 47 82 ac cf 32 bb b5 74 3a 2e e5 ba c6 68 14 32 8c 02 ae 22 ae 9c 21 34 c5 16 12 de 99 cf 6a 8c 46 21 c3 28 e0 22 a2 f9 35 4b 8e 7a 8b 0b 36 a3 e7 d3 a4 0c 1e 1f e7 73 41 d1 85 79 42 b6 85 34 68 15 47 96 98 49 71 34 0a 19 26 af b6 5b 46 23 0b 67 0a df 6d 95 2d 32 c7 4c a6 0d ec 5e dd 7a 72 ed 5c e1 Data Ascii: iH)+Y@n;=rOpr!cQ'7(&.E[c';vn)Ep+X:w5<OEX^OOOO._rGSWCtob8Yq212G2t:.h2"!4jF!("5Kz6sAyB4hGIq4&[F#gm-2L^zr\
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: d0 07 24 cf 04 c9 85 e8 82 8a 94 54 48 a1 46 15 de 4b 75 c1 20 19 58 1f f5 ea 10 09 b3 81 a0 bb 2b 72 bb cd 81 b1 0d 04 ed 36 03 dc 0c 06 76 9c 3c a6 2f 75 73 fe 06 47 9b f3 57 e9 fe 2c 63 73 26 20 34 89 62 aa fa bd 9a 3b e8 b3 36 7b 17 83 b1 12 14 ec 66 52 98 e7 4f 7e 08 1c 7a 3c ab 77 e2 2e 9a c0 b0 92 08 a6 fa ae 64 b3 17 d8 8f 4f e2 2c 36 6d 60 68 12 c0 8c 99 cf 32 7f d4 3e 8e ad 58 09 0e b3 49 5f 9e 3f 1d 65 fc ae 7c 12 53 d1 04 07 7b 37 d1 4b f5 83 6f 46 03 7b 5a c4 51 cc 04 88 6e 82 97 aa f5 d5 0a a4 4f e3 27 ca 20 31 9b 70 24 18 db f1 6d 81 71 dc 44 37 48 d8 32 a1 cb 4e a3 50 44 24 7f 6a 27 53 c1 ed 58 5b e7 0a 02 e6 8f e3 25 da 40 71 2b 91 4b 95 53 23 2f f5 b7 b4 e8 cb 74 f2 03 75 d1 a7 41 c2 95 0e 5b 3b 9f c4 65 4c 5a ab 69 15 2b 36 ad c6 3f 92 Data Ascii: $THFKu X+r6v</usGW,cs& 4b;6{fRO~z<w.dO,6m`h2>XI_?e\|S{7KoF{ZQnO' 1p$mqD7H2NPD$j'SX[%@q+KS#/tuA[;eLZi+6?
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 97 bb 0a ec 19 b0 b2 76 d8 74 7f 40 19 1c 93 87 d7 52 c9 f9 bc 81 93 91 0c f3 f0 13 a9 cb 35 ab 06 64 9c 9b d8 8b 27 cc b9 2b 2c fc c2 9b 87 f4 5c 37 cc ba 3f 88 6c 44 5e e7 62 ea b3 93 d5 e8 1f 8c 62 20 91 13 ad aa 01 99 e4 26 fe e2 07 e6 32 a4 3f 71 d5 07 c2 58 25 c8 b7 71 07 dd 70 c1 ae 85 d0 f0 f4 0d bf 79 1b 18 44 34 cc 87 72 16 8c ff 3d 9c 3d 14 83 f1 8c 59 a3 ec 53 ae 9b 52 91 71 65 ab 1b 16 dd 1f 54 06 fb 25 2e a7 be bb 0b f2 ec 08 06 5a d0 54 9b 6a 40 be 36 71 18 cf b9 ab 3d 7f cc c1 af bc 49 3a 3f e9 86 45 f7 07 94 c1 49 79 9d d4 7f ae 03 1b 89 5e a0 87 d3 1a 4d aa 01 79 64 62 31 a6 ec 55 90 3e 63 18 e7 2e b8 12 6f b0 66 ed a0 32 38 c4 58 f9 d8 ef 3c f1 de 60 19 1c 8d 5e 10 62 29 1a 28 c9 cf ca 2f 4d 24 e3 9b 29 e4 3e 7e 18 8a 4c d8 ab 03 7b c2 Data Ascii: vt@R5d'+,\7?lD^bb &2?qX%qpyD4r==YSRqeT%.ZTj@6q=I:?EIy^Mydb1U>c.of28X<`^b)(/M$)>~L{
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 87 58 ab 3c c8 85 4f c6 0d 4e 94 eb c3 03 7f 22 1d af 3b 7f fa f8 49 3d 82 15 e9 59 99 57 d1 49 bf b1 18 62 5b 13 7b 62 2c 68 2d 18 1c 95 1b 96 ae 0b 57 25 4e 44 36 be c9 30 ed f7 b4 32 23 b0 d2 17 95 43 6c be 46 89 6e 7d f8 9d 0b 2d c0 13 5d 3f 63 91 4f 15 97 fc 29 ca b3 32 af da 0e 8e 3b e1 34 71 e1 1e d2 53 d2 86 36 82 b4 e2 15 5d b8 20 af 19 b5 20 54 02 42 93 f0 e1 44 3e 7c 46 ad 55 1e b9 2c fb 34 47 88 6c 7d d8 9f 7e 75 33 d9 ef bc d0 5f 62 80 d3 af 5e 5b 50 cf 32 31 45 37 84 1a 22 b6 b2 8b 21 bb e9 56 11 9c 05 cf eb c2 19 69 c9 c8 05 a1 12 10 aa 93 ba 52 75 3f f8 b5 2c fe 57 30 91 ad 0f 0a 7a 2c f8 0b 7d da 14 df 35 85 22 27 11 1c 9e 58 cc fc bd 5d 01 5f 49 f9 83 a2 30 51 8e 0f e9 8f 7c b5 00 6f e8 c1 35 79 4e e4 42 4a 3c 61 38 59 a7 af c9 35 af 93 Data Ascii: X<ON";I=YWIb[{b,h-W%ND602#ClFn}-]?cO)2;4qS6] TBD>\|FU,4Gl}~u3_b^[P21E7"!ViRu?,W0z,}5"'X]_I0Q\|o5yNBJ<a8Y5
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: f0 4f 5d 81 2f ce 5d 63 78 85 f6 11 ee c5 57 7a 5b b5 a1 b7 58 4c c5 b0 fd 0e 3e d1 0d f4 02 04 3e d6 18 4f dc cd 06 e7 4c f0 4f ec dd 0d 2f 70 45 a1 bd e9 d7 2f c1 af 8a 7d a7 12 3f 37 17 56 f4 a6 91 27 da f1 03 f2 31 0b d0 18 47 dc cd 57 26 38 ae dc 5f 20 ee fc 95 eb a4 29 97 cf ee c6 6f f4 a7 44 10 dd 0d df f4 02 e9 7f 34 d1 1e b3 32 db 27 e7 06 fa 86 06 2b 8a 33 17 2e 5f 03 16 7d 3b bb 74 fe cc 6e c2 ed 0c 96 10 22 56 c4 37 9d f8 16 ee 9f 3d 8f fa 98 7b 23 5d 18 28 6c 7d 7d 92 7a 2b 2c 9e 3e 07 de af 71 e8 7d 85 95 18 22 2e 78 38 3f 6b c4 2f b0 0c bf 9a c8 8f d9 bc d5 f7 b6 71 d7 04 d0 1d dd bb 9b d1 ed 1c 37 26 41 44 6c 02 f1 e5 70 14 03 60 cc da 7c 5f e3 66 40 8d 51 7a ea f0 1e b6 57 47 8d 49 16 11 7f d0 92 58 e2 66 fc de bc dd bf 36 99 8f 4c 60 dd Data Ascii: O]/]cxWz[XL>>OLO/pE/}?7V'1GW&8_ )oD42'+3._};tn"V7={#](l}}z+,>q}".x8?k/q7&ADlp`\|_f@QzWGIXf6L`
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 73 d5 7d b6 2e 05 62 d9 87 91 b8 bd eb c7 45 1a 25 d7 ae 3e 84 d0 35 7e 51 af b3 d6 c3 48 ec b7 52 fc b2 4d 5a 7e bf e7 75 d7 3f d9 3f ea 7b ca c8 6c 4d 14 bf f1 e3 f2 0e 27 fc dc 79 26 fd 42 df 9a 88 ea ca 96 79 ea 86 2e e2 27 a7 16 3b a2 7d f8 f1 f8 73 1e 69 f3 96 26 87 b6 14 5d de a9 89 40 37 fd 61 b0 79 8f 9f 9f fe 6a 22 ad 5b 5b d4 e4 32 c9 de 5b e4 62 02 4c 4d 00 2e fe dd d3 41 c5 7d 0b 4f 89 ac 2b cd b3 dc 97 a4 85 26 71 a6 ee c6 ae a1 0a 17 e9 17 c8 d9 92 44 46 aa 9b 69 87 f2 5f b5 ba 4b 70 37 4b 56 f1 ef 2c f0 5c fd d0 6d 04 16 df 59 a0 5d f7 ae c2 8f 27 97 05 29 ba 54 0f 7f 2c 1f 71 2f 0d 8b b8 6a 5e 34 93 d2 bf f8 c9 5a 0d 5c 6d 85 a2 d8 a9 ef 99 ed 38 dc 0b ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 79 e1 3f e9 3f e9 Data Ascii: s}.bE%>5~QHRMZ~u??{lM'y&By.';}si&]@7ayj"[[2[bLM.A}O+&qDFi_Kp7KV,\mY]')T,q/j^4Z\m8IIIIIIIIIIIy??
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 55 a0 ed 8f ef d0 21 9d 8d e4 2a 9c e0 51 53 a8 51 1c ac 61 1d 1d 10 b7 64 50 b7 9c 23 8a 88 9c 84 2b a6 82 2a 44 a0 e3 96 44 be 78 10 a6 45 f8 f1 43 5f 08 67 d6 62 6b a2 28 6e 09 52 88 d1 f3 4a f6 58 a6 8e 49 11 6f e6 09 57 1c 60 5c e5 90 80 26 a3 f1 78 77 23 1c 62 0d 1c 19 5c 5a da ad 60 28 a2 40 7f 39 e4 56 91 62 71 92 94 a1 3a b1 0c 29 c7 d2 60 15 94 a4 0d 46 52 74 74 ce 60 28 ee 2a 2e 37 36 de 83 37 65 e4 8a 11 a0 d5 54 6a 20 47 6d 0c 59 94 56 f8 5f bd 14 cb 33 cd a1 71 12 47 fa ab 53 38 ee 2e 1a 4d 86 c5 f8 5d 59 d0 52 68 a5 3a 46 52 74 74 09 af f8 40 69 57 c1 36 36 ad d8 8e c3 bd f0 9f f4 9f f4 9f f4 9f f4 9f f4 9f f4 9f 17 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe e3 6e 9c 3c 7e ec b0 e8 ea 36 df 06 83 Data Ascii: U!QSQadP#+DDxEC_gbk(nRJXIoW`\&xw#b\Z`(@9Vbq:)`FRtt`(*.767eTj GmYV_3qGS8.M]YRh:FRtt@iW66n<~6
2025-02-14 23:55:48 UTC	1369	IN	Data Raw: 41 f4 cb 25 d8 b8 c0 c2 9b 85 58 fb 58 fc ca 51 89 eb 3c 05 a4 de 10 61 19 cd 8c 1e 4e a8 f0 74 11 7f 2a 5a 24 dc 1a ef 71 48 da 10 5f ff 1a 5b 53 8f 0f 38 e4 8f d6 19 9e c4 c3 df bc c3 c0 0d fd ea f5 dd 58 c8 95 be c4 d8 67 ef 26 d6 aa 20 3b cb d8 b3 31 76 c8 04 e2 79 65 de 79 c9 2b 1f c5 41 7a 46 c3 4a f6 08 1a e4 12 6e fa e5 8e b2 e9 76 79 2b 13 d7 60 a0 90 70 c8 53 5e 52 9f 26 6c 8f 85 f3 c1 c8 b2 5c 4b b2 e9 97 3b 2e f1 b6 36 fd f5 38 52 83 2d 97 5e 17 eb 4d 7b 97 87 49 10 9a a2 92 70 d3 2f 77 4a 3e 79 16 d6 9e a7 50 df 49 87 fc ce 46 75 5a d1 e3 cd 94 87 71 10 9a a2 92 74 d3 2f b7 47 3a f3 6a 96 9e f5 1c ac f7 c4 91 e9 87 a9 22 2f 0b 07 81 31 71 2d 38 ad 5f ba 9b 58 d3 2f 77 40 3a 8e 40 97 3e 3d 2b 6d 2b 8e 84 63 da 7b dc 68 6d d8 80 a4 9b 7e b9 23 Data Ascii: A%XXQ<aNt*Z$qH_[S8Xg& ;1vyey+AzFJnvy+`pS^R&l\K;.68R-^M{Ip/wJ>yPIFuZqt/G:j"/1q-8_X/w@:@>=+m+c{hm~#

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:49 UTC	834	OUT	GET /img/privacyoptions.svg HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=FGhWv14D3CnzXQl0jk92tYa9t9pH1pu7jvmh8JWpPQk-1739577348-1.0.1.1-3FZ3Ny_vz1nmQQK5bok6fOiiks39OjlDW2uLSWAn9bqhqkqJRUwXbe7IpNvEDcuruzPtKwywIWBu50HaNG8e1vqMNxOxJOVPtwUEvsdyic8
2025-02-14 23:55:49 UTC	892	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:49 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: close ETag: W/"5a8d3dae7c1ddd64826cea94a93139d4" Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US X-XSS-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avxou7Chmhhgimi%2F3Qa6N0TVgtJ7WUzPTN0W2IBibuZu0TVG8inhADtBuzqJPLAPK0GmyRi6JmtYiHSsxlWFubztc0eOyM4xKgCpedoHSGulNxHaICsHXpMO1V%2FgjNXq1RXI2w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9120fdbfceba42b1-EWR alt-svc: h3=":443"; ma=86400
2025-02-14 23:55:49 UTC	477	IN	Data Raw: 37 30 31 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0a 3c 21 2d 2d 20 47 65 6e 65 72 61 74 6f 72 3a 20 41 64 6f 62 65 20 49 6c 6c 75 73 74 72 61 74 6f 72 20 32 34 2e 33 2e 30 2c 20 53 56 47 20 45 78 70 6f 72 74 20 50 6c 75 67 2d 49 6e 20 2e 20 53 56 47 20 56 65 72 73 69 6f 6e 3a 20 36 2e 30 30 20 42 75 69 6c 64 20 30 29 20 20 2d 2d 3e 0a 3c 73 76 67 20 76 65 72 73 69 6f 6e 3d 22 31 2e 31 22 20 69 64 3d 22 4c 61 79 65 72 5f 31 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 78 6d 6c 6e 73 3a 78 6c 69 6e 6b 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 6c 69 6e 6b 22 20 78 3d 22 30 70 78 Data Ascii: 701<?xml version="1.0" encoding="utf-8"?>... Generator: Adobe Illustrator 24.3.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px
2025-02-14 23:55:49 UTC	1323	IN	Data Raw: 3a 23 30 30 36 36 46 46 3b 7d 0a 09 2e 73 74 32 7b 66 69 6c 6c 3a 23 46 46 46 46 46 46 3b 7d 0a 09 2e 73 74 33 7b 66 69 6c 6c 3a 23 30 30 36 36 46 46 3b 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 3c 67 3e 0a 09 3c 67 20 69 64 3d 22 66 69 6e 61 6c 2d 2d 2d 64 65 63 2e 31 31 2d 32 30 32 30 5f 31 5f 22 3e 0a 09 09 3c 67 20 69 64 3d 22 5f 78 33 30 5f 32 30 38 2d 6f 75 72 2d 74 6f 67 67 6c 65 5f 32 5f 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 31 32 37 35 2e 30 30 30 30 30 30 2c 20 2d 32 30 30 2e 30 30 30 30 30 30 29 22 3e 0a 09 09 09 3c 67 20 69 64 3d 22 46 69 6e 61 6c 2d 43 6f 70 79 2d 32 5f 32 5f 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 31 32 37 35 2e 30 30 30 30 30 30 2c 20 32 30 30 2e 30 30 30 30 30 30 29 22 Data Ascii: :#0066FF;}.st2{fill:#FFFFFF;}.st3{fill:#0066FF;}</style><g><g id="final---dec.11-2020_1_"><g id="_x30_208-our-toggle_2_" transform="translate(-1275.000000, -200.000000)"><g id="Final-Copy-2_2_" transform="translate(1275.000000, 200.000000)"
2025-02-14 23:55:49 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://appwebconnect.pages.dev/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Windows Analysis Report
https://appwebconnect.pages.dev/

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:49 UTC	858	OUT	GET /slt3lc6tev37/2fMg89go9MegG1EDg39mNy/5a42817cd388ae352f77f56e53b1ff81/card-new.png HTTP/1.1 Host: cf-assets.www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=FGhWv14D3CnzXQl0jk92tYa9t9pH1pu7jvmh8JWpPQk-1739577348-1.0.1.1-3FZ3Ny_vz1nmQQK5bok6fOiiks39OjlDW2uLSWAn9bqhqkqJRUwXbe7IpNvEDcuruzPtKwywIWBu50HaNG8e1vqMNxOxJOVPtwUEvsdyic8
2025-02-14 23:55:49 UTC	855	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:49 GMT Content-Type: image/webp Content-Length: 2784 Connection: close CF-Ray: 9120fdbfc9e8430e-EWR CF-Cache-Status: HIT Accept-Ranges: bytes Age: 112204 Cache-Control: max-age=604800 Content-Disposition: inline; filename="card-new.webp" ETag: "f4eb2a2f745f8799e3e6f6478ab2305d" Last-Modified: Wed, 21 Aug 2024 18:12:19 GMT Vary: Accept Cf-Bgj: imgq:85,h2pri Cf-Polished: origFmt=png, origSize=3908 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8CYdCvwNrJiHpz%2BEzdGqQNAfwJsPWyWx%2FDsCEy%2FWYLQE0AsmCSPWsoArftc5Fq9KtMy7BRshj9OsXopvwKZRuvE72NJHvdSYHJzvrgv%2BxZy7u9nxGroqEuwmPEO51YGFxowhfWq6CX8M9jW6fk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare alt-svc: h3=":443"; ma=86400
2025-02-14 23:55:49 UTC	514	IN	Data Raw: 52 49 46 46 d8 0a 00 00 57 45 42 50 56 50 38 4c cc 0a 00 00 2f 36 41 2b 10 19 45 6d db 40 ca 3b e5 cf 78 27 82 88 fe a7 7c aa 82 85 6c 14 b4 6d c3 18 44 f9 b3 ed 0e 03 c2 6c a3 22 ec 79 fe 64 87 22 16 4c f1 ce 70 ea bf c2 b6 6d 90 c2 78 8f a0 19 e1 43 91 fa 33 06 70 5d b2 c4 db 6d db 7a db d6 b6 36 41 8a ce ff ff 15 f9 b8 7e 5e 5e 31 59 8a 8c 97 89 f1 32 99 8f 1d ea 22 3b 0d 2d aa 38 6c db 46 92 e8 fb af ff 76 07 23 c8 91 24 29 92 3c 97 05 da 83 e7 e9 2f 0f 63 38 a8 ad 2d 68 ae 0d 8c 40 83 11 61 24 d8 9a e8 12 08 0d a4 89 26 70 11 fe 08 44 20 02 2d da 76 eb b6 91 d4 76 3c 12 20 5f 00 97 97 20 f3 fc 2e 2c 00 7e ef fe 1e ec 73 ed ff 7b b5 84 2d e7 15 30 38 8b 81 e5 29 58 9f 32 c2 35 00 98 bf 01 57 80 14 31 0d 91 16 d0 06 a2 b4 b8 3e 4f ad 30 26 00 fe d7 cb Data Ascii: RIFFWEBPVP8L/6A+Em@;x'\|lmDl"yd"LpmxC3p]mz6A~^^1Y2";-8lFv#$)</c8-h@a$&pD -vv< _ .,~s{-08)X25W1>O0&
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 6a b1 d5 84 d9 ec f5 9c 41 af 57 ae 52 21 e0 de 8e 8a 39 f8 ce f4 93 98 03 b1 27 be e9 17 05 01 a9 49 f7 14 ed db 98 2d 4d ff 30 bb 7e a5 8e da de 49 92 02 08 58 cc 89 33 22 e1 5d 62 29 d1 a2 06 92 a0 26 89 a5 bd 80 de 28 84 7b 53 45 e6 b6 61 65 ad a9 f8 9d dc 3b 00 a7 b6 6d 4d b3 14 64 36 ed a4 fa da c2 6b b4 e5 d4 d6 96 da 4c a5 94 3d 50 83 bd 15 d5 bf 10 4d a7 97 2e ea 1f 03 f5 81 fb 36 c4 ec ca 6c ca 7e d0 64 df 0e b1 62 f3 e4 90 4b 3e 33 ab 4e bb 7a d2 2e 34 ad 64 ca 75 38 c6 2d 7e 64 9e ec a6 a8 99 4a 14 7b a6 3a fb 66 d8 0d d8 d5 8c 2c a2 d2 66 0e 85 db b0 ec 3e a9 b8 29 84 b5 85 cd 16 5f 85 09 90 21 c8 15 11 61 94 da ef 2e c3 9a 39 15 9f fe c8 e9 9e 46 35 89 01 bd 19 e1 47 f7 de b0 98 21 a9 0d 80 89 34 2c 64 d3 e0 35 9a 65 37 43 1b 3a 75 46 14 03 Data Ascii: jAWR!9'I-M0~IX3"]b)&({SEae;mMd6kL=PM.6l~dbK>3Nz.4du8-~dJ{:f,f>)_!a.9F5G!4,d5e7C:uF
2025-02-14 23:55:49 UTC	901	IN	Data Raw: cd 45 8e cd 08 f7 ad 21 48 ba 99 f2 39 3f 8f ef 0b 1e 2d c1 58 af 79 a5 ee 8c e6 e8 dc e1 e3 fb 07 68 f5 51 e8 4d 29 50 c5 8d 14 83 f9 f1 fa be 80 76 d4 e6 06 20 aa e8 dd 06 53 30 d8 7c 97 51 32 c2 77 f3 56 c5 0d 93 cf 16 24 af fb c1 18 1f ba 96 74 cb e4 73 ed 38 2e 71 bc c2 7c b0 5f ea bc 18 58 82 79 dc 8f 23 cc 0f 4d a1 2a cc 78 18 3d ab 09 14 fd 82 2f 30 d0 0f 9a 11 e4 23 06 dd d5 12 7e bf 35 67 19 cc 30 22 fd 68 1e 29 34 39 bb b1 4b f8 38 c7 a5 39 4b b0 9f 65 24 28 b2 d4 f5 02 0c 3f ce cd 17 67 39 8b 72 0a ea bf 7c 6e 46 73 9c e2 d2 9c 04 18 30 bb 17 e7 e8 91 18 c4 aa f3 e3 e3 1c 0f 80 1b ec fd 16 be b7 45 0c d6 71 3c be 3e d6 7d 83 d8 54 dc 2e 5b 80 c7 f9 f2 26 f7 a8 bf 9e 61 9a 71 9f 71 79 fd f8 fa 3a 0b 11 f5 55 b2 65 14 91 08 f6 71 2a af 27 c0 56 Data Ascii: E!H9?-XyhQM)Pv S0\|Q2wV$ts8.q\|_Xy#Mx=/0#~5g0"h)49K89Ke$(?g9r\|nFs0Eq<>}T.[&aqqy:Ueq'V

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:49 UTC	624	OUT	GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1 Host: static.cloudflareinsights.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.cloudflare.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-02-14 23:55:49 UTC	373	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:49 GMT Content-Type: text/javascript;charset=UTF-8 Content-Length: 19948 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=86400 ETag: W/"2024.6.1" Last-Modified: Thu, 06 Jun 2024 15:52:56 GMT Cross-Origin-Resource-Policy: cross-origin Server: cloudflare CF-RAY: 9120fdbfcb1e8c7b-EWR
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 7b 33 34 33 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 6e 3d 30 3b 6e 3c 32 35 36 3b 2b 2b 6e 29 74 5b 6e 5d 3d 28 6e 2b 32 35 36 29 2e 74 6f 53 74 72 69 6e 67 28 31 36 29 2e 73 75 62 73 74 72 28 31 29 3b 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 72 3d 6e 7c 7c 30 2c 69 3d 74 3b 72 65 74 75 72 6e 5b 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 22 2d 22 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 22 2d 22 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 22 2d 22 2c 69 5b 65 5b 72 2b Data Ascii: !function(){var e={343:function(e){"use strict";for(var t=[],n=0;n<256;++n)t[n]=(n+256).toString(16).substr(1);e.exports=function(e,n){var r=n\|\|0,i=t;return[i[e[r++]],i[e[r++]],i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],"-",i[e[r+
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 72 20 69 3d 6e 28 36 39 39 29 2c 6f 3d 6e 28 37 35 32 29 2c 61 3d 6e 28 31 30 34 29 2c 63 3d 6e 28 35 30 38 29 3b 21 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 65 28 65 29 7b 76 61 72 20 74 3d 22 22 3b 69 66 28 74 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69 67 69 6e 3f 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69 67 69 6e 3a 22 22 2e 63 6f 6e 63 61 74 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 70 72 6f 74 6f 63 6f 6c 2c 22 3a 2f 2f 22 29 2e 63 6f 6e 63 61 74 28 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 29 2c 65 26 26 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 29 69 66 28 30 3d 3d 3d 65 2e 69 6e 64 65 78 4f 66 28 22 2f 22 29 29 74 2b 3d 65 3b 65 6c 73 65 20 74 72 79 7b 76 61 Data Ascii: r i=n(699),o=n(752),a=n(104),c=n(508);!function(){function e(e){var t="";if(t=window.location.origin?window.location.origin:"".concat(window.location.protocol,"://").concat(window.location.host),e&&"string"==typeof e)if(0===e.indexOf("/"))t+=e;else try{va
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 29 3d 3d 74 26 26 28 6e 75 6c 6c 3d 3d 77 3f 76 6f 69 64 20 30 3a 77 2e 74 72 69 67 67 65 72 65 64 29 7c 7c 50 28 29 2c 5f 28 74 29 7d 21 62 26 26 77 26 26 28 62 3d 21 30 2c 42 28 29 29 7d 65 6c 73 65 22 76 69 73 69 62 6c 65 22 3d 3d 3d 64 6f 63 75 6d 65 6e 74 2e 76 69 73 69 62 69 6c 69 74 79 53 74 61 74 65 26 26 28 6e 65 77 20 44 61 74 65 29 2e 67 65 74 54 69 6d 65 28 29 7d 29 29 3b 76 61 72 20 45 3d 7b 7d 3b 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 50 65 72 66 6f 72 6d 61 6e 63 65 4f 62 73 65 72 76 65 72 26 26 28 28 30 2c 61 2e 6f 6e 4c 43 50 29 28 78 29 2c 28 30 2c 61 2e 6f 6e 46 49 44 29 28 78 29 2c 28 30 2c 61 2e 6f 6e 46 43 50 29 28 78 29 2c 28 30 2c 61 2e 6f 6e 49 4e 50 29 28 78 29 2c 28 30 2c 61 2e 6f 6e 54 54 46 42 29 28 78 29 2c Data Ascii: )==t&&(null==w?void 0:w.triggered)\|\|P(),_(t)}!b&&w&&(b=!0,B())}else"visible"===document.visibilityState&&(new Date).getTime()}));var E={};"function"==typeof PerformanceObserver&&((0,a.onLCP)(x),(0,a.onFID)(x),(0,a.onFCP)(x),(0,a.onINP)(x),(0,a.onTTFB)(x),
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 2c 70 26 26 28 28 30 2c 6f 2e 73 65 6e 64 4f 62 6a 65 63 74 42 65 61 63 6f 6e 29 28 22 22 2c 61 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 2c 21 31 2c 43 29 2c 76 6f 69 64 20 30 21 3d 3d 70 2e 66 6f 72 77 61 72 64 26 26 76 6f 69 64 20 30 21 3d 3d 70 2e 66 6f 72 77 61 72 64 2e 75 72 6c 26 26 28 30 2c 6f 2e 73 65 6e 64 4f 62 6a 65 63 74 42 65 61 63 6f 6e 29 28 22 22 2c 61 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 2c 21 31 2c 70 2e 66 6f 72 77 61 72 64 2e 75 72 6c 29 29 29 7d 2c 42 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 73 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54 79 70 65 28 22 6e 61 76 69 67 61 74 69 6f 6e 22 29 5b 30 5d 2c 6e 3d 22 22 3b 74 72 79 7b 6e 3d 22 66 75 6e 63 74 69 6f 6e 22 Data Ascii: ,p&&((0,o.sendObjectBeacon)("",a,(function(){}),!1,C),void 0!==p.forward&&void 0!==p.forward.url&&(0,o.sendObjectBeacon)("",a,(function(){}),!1,p.forward.url)))},B=function(){var t=function(){var t=s.getEntriesByType("navigation")[0],n="";try{n="function"
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 28 6f 2c 61 2c 63 29 7b 6e 3d 65 28 63 29 3b 76 61 72 20 75 3d 65 28 29 2c 73 3d 21 30 3b 72 65 74 75 72 6e 20 6e 3d 3d 75 26 26 28 73 3d 21 31 29 2c 73 26 26 28 41 28 29 26 26 28 28 6e 75 6c 6c 3d 3d 77 3f 76 6f 69 64 20 30 3a 77 2e 75 72 6c 29 3d 3d 75 26 26 28 6e 75 6c 6c 3d 3d 77 3f 76 6f 69 64 20 30 3a 77 2e 74 72 69 67 67 65 72 65 64 29 7c 7c 50 28 75 29 2c 5f 28 75 29 29 2c 69 28 29 29 2c 72 2e 61 70 70 6c 79 28 74 2c 5b 6f 2c 61 2c 63 5d 29 7d 2c 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 6f 70 73 74 61 74 65 22 2c 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 41 28 29 26 26 28 28 6e 75 6c 6c 3d 3d 77 3f 76 6f 69 64 20 30 3a 77 2e 75 72 6c 29 3d 3d 6e 26 26 28 6e 75 6c 6c 3d 3d 77 3f 76 6f 69 64 20 30 3a 77 2e 74 72 69 Data Ascii: (o,a,c){n=e(c);var u=e(),s=!0;return n==u&&(s=!1),s&&(A()&&((null==w?void 0:w.url)==u&&(null==w?void 0:w.triggered)\|\|P(u),_(u)),i()),r.apply(t,[o,a,c])},window.addEventListener("popstate",(function(t){A()&&((null==w?void 0:w.url)==n&&(null==w?void 0:w.tri
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 45 2e 69 6e 70 2e 65 6c 65 6d 65 6e 74 3d 63 2e 65 76 65 6e 74 54 61 72 67 65 74 2c 45 2e 69 6e 70 2e 6e 61 6d 65 3d 63 2e 65 76 65 6e 74 54 79 70 65 29 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 46 28 29 7b 72 65 74 75 72 6e 20 73 2e 74 69 6d 65 4f 72 69 67 69 6e 7d 66 75 6e 63 74 69 6f 6e 20 49 28 29 7b 69 66 28 70 26 26 70 2e 73 65 72 76 65 72 54 69 6d 69 6e 67 29 7b 66 6f 72 28 76 61 72 20 65 3d 5b 5d 2c 74 3d 30 2c 6e 3d 5b 22 6e 61 76 69 67 61 74 69 6f 6e 22 2c 22 72 65 73 6f 75 72 63 65 22 5d 3b 74 3c 6e 2e 6c 65 6e 67 74 68 3b 74 2b 2b 29 66 6f 72 28 76 61 72 20 72 3d 6e 5b 74 5d 2c 69 3d 30 2c 6f 3d 73 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54 79 70 65 28 72 29 3b 69 3c 6f 2e 6c 65 6e 67 74 68 3b 69 2b 2b 29 7b 76 61 72 20 61 3d 6f 5b 69 5d 2c 63 3d 61 Data Ascii: E.inp.element=c.eventTarget,E.inp.name=c.eventType))}}function F(){return s.timeOrigin}function I(){if(p&&p.serverTiming){for(var e=[],t=0,n=["navigation","resource"];t<n.length;t++)for(var r=n[t],i=0,o=s.getEntriesByType(r);i<o.length;i++){var a=o[i],c=a
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 29 7d 28 29 7d 2c 37 35 32 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 74 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3d 21 30 2c 74 2e 73 65 6e 64 4f 62 6a 65 63 74 42 65 61 63 6f 6e 3d 76 6f 69 64 20 30 2c 74 2e 73 65 6e 64 4f 62 6a 65 63 74 42 65 61 63 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 2c 69 29 7b 76 6f 69 64 20 30 3d 3d 3d 72 26 26 28 72 3d 21 31 29 2c 76 6f 69 64 20 30 3d 3d 3d 69 26 26 28 69 3d 6e 75 6c 6c 29 3b 76 61 72 20 6f 3d 69 7c 7c 28 74 2e 73 69 74 65 54 6f 6b 65 6e 26 26 74 2e 76 65 72 73 69 6f 6e 73 2e 66 6c 3f 22 2f 63 64 6e 2d 63 67 69 2f 72 75 6d 3f 22 2e 63 6f 6e 63 61 74 28 65 29 3a 22 2f 63 64 6e 2d 63 67 69 2f 62 65 61 63 6f 6e 2f 70 65 72 66 6f 72 6d 61 6e 63 65 3f 22 2e 63 6f 6e Data Ascii: )}()},752:function(e,t){"use strict";t.__esModule=!0,t.sendObjectBeacon=void 0,t.sendObjectBeacon=function(e,t,n,r,i){void 0===r&&(r=!1),void 0===i&&(i=null);var o=i\|\|(t.siteToken&&t.versions.fl?"/cdn-cgi/rum?".concat(e):"/cdn-cgi/beacon/performance?".con
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 69 6e 67 22 3d 3d 3d 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 29 72 65 74 75 72 6e 22 6c 6f 61 64 69 6e 67 22 3b 76 61 72 20 74 3d 61 28 29 3b 69 66 28 74 29 7b 69 66 28 65 3c 74 2e 64 6f 6d 49 6e 74 65 72 61 63 74 69 76 65 29 72 65 74 75 72 6e 22 6c 6f 61 64 69 6e 67 22 3b 69 66 28 30 3d 3d 3d 74 2e 64 6f 6d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 45 76 65 6e 74 53 74 61 72 74 7c 7c 65 3c 74 2e 64 6f 6d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 45 76 65 6e 74 53 74 61 72 74 29 72 65 74 75 72 6e 22 64 6f 6d 2d 69 6e 74 65 72 61 63 74 69 76 65 22 3b 69 66 28 30 3d 3d 3d 74 2e 64 6f 6d 43 6f 6d 70 6c 65 74 65 7c 7c 65 3c 74 2e 64 6f 6d 43 6f 6d 70 6c 65 74 65 29 72 65 74 75 72 6e 22 64 6f 6d 2d 63 6f 6e 74 65 6e 74 2d 6c 6f 61 64 65 64 22 7d 72 Data Ascii: ing"===document.readyState)return"loading";var t=a();if(t){if(e<t.domInteractive)return"loading";if(0===t.domContentLoadedEventStart\|\|e<t.domContentLoadedEventStart)return"dom-interactive";if(0===t.domComplete\|\|e<t.domComplete)return"dom-content-loaded"}r
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 65 29 7b 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 29 2e 74 68 65 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 28 65 2e 67 65 74 45 6e 74 72 69 65 73 28 29 29 7d 29 29 7d 29 29 3b 72 65 74 75 72 6e 20 72 2e 6f 62 73 65 72 76 65 28 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 74 79 70 65 3a 65 2c 62 75 66 66 65 72 65 64 3a 21 30 7d 2c 6e 7c 7c 7b 7d 29 29 2c 72 7d 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 67 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 2c 72 29 7b 76 61 72 20 69 2c 6f 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 2e 76 61 6c 75 65 3e 3d 30 26 26 28 61 7c 7c 72 29 26 26 28 28 6f 3d 74 2e 76 61 6c 75 65 2d 28 69 7c 7c 30 29 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 69 29 26 26 28 69 3d 74 2e 76 61 6c 75 65 2c 74 2e 64 65 6c 74 Data Ascii: e){Promise.resolve().then((function(){t(e.getEntries())}))}));return r.observe(Object.assign({type:e,buffered:!0},n\|\|{})),r}}catch(e){}},g=function(e,t,n,r){var i,o;return function(a){t.value>=0&&(a\|\|r)&&((o=t.value-(i\|\|0))\|\|void 0===i)&&(i=t.value,t.delt
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 7b 7d 2c 50 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 2c 72 3d 43 28 29 2c 69 3d 70 28 22 46 43 50 22 29 2c 6f 3d 6d 28 22 70 61 69 6e 74 22 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 66 69 72 73 74 2d 63 6f 6e 74 65 6e 74 66 75 6c 2d 70 61 69 6e 74 22 3d 3d 3d 65 2e 6e 61 6d 65 26 26 28 6f 2e 64 69 73 63 6f 6e 6e 65 63 74 28 29 2c 65 2e 73 74 61 72 74 54 69 6d 65 3c 72 2e 66 69 72 73 74 48 69 64 64 65 6e 54 69 6d 65 26 26 28 69 2e 76 61 6c 75 65 3d 4d 61 74 68 2e 6d 61 78 28 65 2e 73 74 61 72 74 54 69 6d 65 2d 76 28 29 2c 30 29 2c 69 2e 65 6e 74 72 69 65 73 2e 70 75 73 68 28 65 29 2c 6e 28 21 30 29 29 29 7d 29 29 7d 29 29 3b 6f 26 26 28 6e 3d 67 28 65 2c 69 2c 42 2c 74 2e Data Ascii: {},P((function(){var n,r=C(),i=p("FCP"),o=m("paint",(function(e){e.forEach((function(e){"first-contentful-paint"===e.name&&(o.disconnect(),e.startTime<r.firstHiddenTime&&(i.value=Math.max(e.startTime-v(),0),i.entries.push(e),n(!0)))}))}));o&&(n=g(e,i,B,t.

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:49 UTC	860	OUT	GET /slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264b2c1c/banner-new.png HTTP/1.1 Host: cf-assets.www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=FGhWv14D3CnzXQl0jk92tYa9t9pH1pu7jvmh8JWpPQk-1739577348-1.0.1.1-3FZ3Ny_vz1nmQQK5bok6fOiiks39OjlDW2uLSWAn9bqhqkqJRUwXbe7IpNvEDcuruzPtKwywIWBu50HaNG8e1vqMNxOxJOVPtwUEvsdyic8
2025-02-14 23:55:49 UTC	861	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:49 GMT Content-Type: image/webp Content-Length: 2238 Connection: close CF-Ray: 9120fdbfcb4a0f43-EWR CF-Cache-Status: HIT Accept-Ranges: bytes Age: 114285 Cache-Control: max-age=604800 Content-Disposition: inline; filename="banner-new.webp" ETag: "a9df8b6f62f4aeb1b4699a2ae4b291bb" Last-Modified: Thu, 22 Aug 2024 13:46:01 GMT Vary: Accept Cf-Bgj: imgq:85,h2pri Cf-Polished: origFmt=png, origSize=3127 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KNiIExHl4Dpe9hiYdH9YNGvxdZse7n%2FPE4WRb0N1NOwO6hiqyT96QQOGAohG%2FdyudyzS5t7jK8P632M7s%2FbIjsPbd1%2B96FH93ETfqpCffu2SX1YoUWPvIhRqG3Tk%2FoGD%2Bu8OHGP7ZUN3RjgpH84%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare alt-svc: h3=":443"; ma=86400
2025-02-14 23:55:49 UTC	508	IN	Data Raw: 52 49 46 46 b6 08 00 00 57 45 42 50 56 50 38 4c aa 08 00 00 2f 99 82 15 10 19 45 6d db 40 ca 3b e3 8f f8 1e 82 88 fe 4f 80 3c 36 b1 09 c4 86 4c da 26 fe 6d af d7 14 08 04 92 11 f2 a7 1b 65 10 fa 2f 24 48 b0 39 45 8e 59 a1 1f 18 05 25 49 92 e3 48 92 1b 7a 99 ff bf 62 8e f3 bc 7d 18 22 45 00 64 82 11 0e f6 8d 61 db b6 61 e8 b5 ff 5f 5c 4c 90 23 49 52 24 79 2e 0b b4 07 cf d3 5f 1e c6 70 50 5b 5b d0 5c 1b 18 81 06 fb 23 cc 04 5b 13 5c 02 a4 81 34 c1 04 2e 02 11 88 60 04 48 90 e4 c6 6d 24 e7 8e 52 0b 70 b1 5c 40 b9 de 62 11 04 e1 f7 ee 6f ec 13 fd 7f c3 92 90 e0 0c 08 3e cf 40 1e f8 c9 4f 70 3f 30 d0 5f b7 02 77 8a b3 66 70 30 d4 46 7c c7 2a 66 07 e0 8f 5e d6 3f bd 16 65 df 14 ed cd 51 1e d4 66 b1 c3 c8 d8 ce df fc 54 f1 7c 3d fd d9 db 2d 85 6d d6 07 8c 15 31 Data Ascii: RIFFWEBPVP8L/Em@;O<6L&me/$H9EY%IHzb}"Edaa_\L#IR$y._pP[[\#[\4.`Hm$Rp\@bo>@Op?0_wfp0F\|*f^?eQfT\|=-m1
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 90 38 10 27 65 52 a2 e9 55 14 0a 3f 50 7a 37 b5 69 9c f7 27 fd e0 2e 16 45 65 d2 82 1d 3a ff 9d a4 02 a4 0a 39 b0 c6 01 80 22 e9 01 ee 6e 0d 6e 5c 24 ab e5 4c b1 44 71 81 27 f1 4a 17 e1 8b f1 19 20 15 c6 c0 4d 80 8a e2 2b 06 b2 40 0c 14 2b 1b 50 05 30 70 91 37 90 3e e4 80 20 28 4a d3 59 00 c9 d7 54 72 eb 08 49 47 8c 74 08 03 25 e4 a6 76 99 3c 37 15 37 3e 29 f4 9e 03 e0 82 cd 02 28 91 57 85 51 3a 7b 26 03 70 b4 28 c0 44 14 20 b3 09 05 2e 82 00 f5 84 31 50 44 f7 36 65 7f 15 e6 b4 ce c6 66 b5 88 e9 07 ca 91 0e 58 da f4 32 df 9e 36 ef 42 d3 e7 f5 c0 e4 63 01 41 00 be 12 0d cc 6d a7 8a da 74 76 29 db 81 19 bb 03 81 1e c9 80 25 64 42 fe 1e d1 81 9b 11 05 92 26 0e d8 d0 26 90 00 ad a2 36 9b 5d bd 0c f4 44 9e 5c 37 fe c0 c4 81 09 c7 03 99 c2 0f 54 31 31 e6 ba 26 Data Ascii: 8'eRU?Pz7i'.Ee:9"nn\$LDq'J M+@+P0p7> (JYTrIGt%v<77>)(WQ:{&p(D .1PD6efX26BcAmtv)%dB&&6]D\7T11&
2025-02-14 23:55:49 UTC	361	IN	Data Raw: 35 23 bc 25 7d 2f 10 84 d4 9f 2b 53 bf 0e de ae fc 82 af 43 05 08 02 65 80 89 4c 20 29 92 09 6b 92 20 64 64 f6 62 1a 80 b0 7b e6 83 d9 41 11 28 dd ae 2e cc c5 f7 26 f7 15 c5 08 03 36 f8 49 fb a3 be 00 16 1c 2a 00 51 cc a0 20 d7 44 37 41 40 b0 45 b6 83 fa 57 a7 0f 09 e9 b6 ce 09 9f 3b 34 c4 c5 81 ac 8d 4e 51 9d 3b 92 9b 9f e1 9f fb 31 6e 1e d2 14 e9 3c 26 b4 01 e6 ac b0 e4 02 57 a0 07 a0 18 28 ad b8 a4 f6 e4 56 75 60 72 80 9b 01 05 6a 33 67 4d 82 c1 d7 17 32 bc e9 3f 7f 6a 46 fb 7f 2e c8 97 ce 3c 70 bd 36 60 0a 0a 9c 04 d2 26 5b 6e 14 92 86 15 e8 91 1b 21 68 28 02 4f ac 02 b0 4c a4 6d a7 8a 36 44 87 fb d3 58 25 b7 00 c9 dc 48 47 e0 e1 8c 35 ac 90 4c d0 c1 4f 70 04 4c 4f ab 37 5d ad ed a8 e2 2f 4e c8 39 32 10 48 ef 2d 80 91 25 03 89 31 83 1a ef f1 59 89 61 Data Ascii: 5#%}/+SCeL )k ddb{A(.&6I*Q D7A@EW;4NQ;1n<&W(Vu`rj3gM2?jF.<p6`&[n!h(OLm6DX%HG5LOpLO7]/N92H-%1Ya

Timestamp	Bytes transferred	Direction	Data
2025-02-14 23:55:49 UTC	815	OUT	GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=FGhWv14D3CnzXQl0jk92tYa9t9pH1pu7jvmh8JWpPQk-1739577348-1.0.1.1-3FZ3Ny_vz1nmQQK5bok6fOiiks39OjlDW2uLSWAn9bqhqkqJRUwXbe7IpNvEDcuruzPtKwywIWBu50HaNG8e1vqMNxOxJOVPtwUEvsdyic8
2025-02-14 23:55:49 UTC	756	IN	HTTP/1.1 200 OK Date: Fri, 14 Feb 2025 23:55:49 GMT Content-Type: application/javascript Content-Length: 12332 Connection: close Last-Modified: Tue, 11 Feb 2025 12:49:22 GMT ETag: "67ab4752-302c" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWZ4Ygu2HshxZA4B12xc5o8MsPgJU7P3wvMDyczLLtEE9QIuZjL9SwZ7nHFK2MOY8pRS1owcMAN5RIPjqFUplGgz3NhX%2Fhhnjpz9MgeBuX16%2BX2u02IuemQDBvG6iqNfu8ychw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9120fdbfcaa243f3-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Sun, 16 Feb 2025 23:55:49 GMT Cache-Control: max-age=172800 Cache-Control: public Accept-Ranges: bytes
2025-02-14 23:55:49 UTC	613	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 72 65 74 75 72 6e 22 63 66 2d 6d 61 72 6b 65 72 2d 22 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2e 74 6f 53 74 72 69 6e 67 28 29 2e 73 6c 69 63 65 28 32 29 7d 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 74 5b 65 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 65 5d 3b 28 6e 3d 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 7c 7c 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 2e 63 61 6c 6c 2e 61 70 70 6c 79 28 6e 2c 5b 63 6f 6e 73 6f 6c 65 2c 22 5b 52 4f 43 4b 45 54 20 4c 4f 41 44 45 52 5d 20 22 5d 2e 63 6f 6e 63 61 74 28 74 29 29 3b 76 61 72 20 6e 7d 66 75 6e 63 Data Ascii: !function(){"use strict";function t(){return"cf-marker-"+Math.random().toString().slice(2)}function e(){for(var t=[],e=0;e<arguments.length;e++)t[e]=arguments[e];(n=console.warn\|\|console.log).call.apply(n,[console,"[ROCKET LOADER] "].concat(t));var n}func
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 74 29 7b 72 65 74 75 72 6e 20 61 28 74 2c 22 22 29 7d 66 75 6e 63 74 69 6f 6e 20 73 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 69 66 28 65 28 29 2c 74 29 72 65 74 75 72 6e 20 74 2e 63 61 6c 6c 28 74 68 69 73 2c 6e 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 75 28 74 2c 65 29 7b 74 2e 6f 6e 6c 6f 61 64 3d 73 28 74 2e 6f 6e 6c 6f 61 64 2c 65 29 2c 74 2e 6f 6e 65 72 72 6f 72 3d 73 28 74 2e 6f 6e 65 72 72 6f 72 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 70 28 74 29 7b 76 61 72 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 4e 53 28 74 2e 6e 61 6d 65 73 70 61 63 65 55 52 49 2c 22 73 63 72 69 70 74 22 29 3b 65 2e 61 73 79 6e 63 3d 74 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 61 73 79 6e 63 22 29 2c 65 2e 74 65 Data Ascii: t){return a(t,"")}function s(t,e){return function(n){if(e(),t)return t.call(this,n)}}function u(t,e){t.onload=s(t.onload,e),t.onerror=s(t.onerror,e)}function p(t){var e=document.createElementNS(t.namespaceURI,"script");e.async=t.hasAttribute("async"),e.te
2025-02-14 23:55:49 UTC	1369	IN	Data Raw: 21 65 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 61 72 20 6e 3d 65 2e 73 70 6c 69 74 28 54 29 3b 72 65 74 75 72 6e 7b 6e 6f 6e 63 65 3a 6e 5b 30 5d 2c 68 61 6e 64 6c 65 72 50 72 65 66 69 78 4c 65 6e 67 74 68 3a 2b 6e 5b 31 5d 2c 62 61 69 6c 6f 75 74 3a 21 74 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 65 66 6