Edit tour

Windows Analysis Report
https://case-id-1000228223704.counselschambers.co.uk/

Overview

General Information

Sample URL:	https://case-id-1000228223704.counselschambers.co.uk/
Analysis ID:	1636955
Infos:

Detection

HTMLPhisher

Score:	60
Range:	0 - 100
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected BlockedWebSite

AI detected suspicious Javascript

Creates files inside the system directory

Deletes files inside the Windows folder

Detected non-DNS traffic on DNS port

Classification

Process Tree

System is w10x64

chrome.exe (PID: 6104 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 6152 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2324,i,8983884021095793227,17932107360871888839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2348 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 1044 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://case-id-1000228223704.counselschambers.co.uk/" MD5: E81F54E6C1129887AEA47E7D092680BF)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author	Strings
0.0.pages.csv	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://case-id-1000228223704.counselschambers.co.uk/

Avira URL Cloud: detection malicious, Label: malware

Phishing

Yara detected BlockedWebSite

Source: Yara match

File source: 0.0.pages.csv, type: HTML

AI detected suspicious Javascript

Source: 1.50.d.script.csv

Joe Sandbox AI: Detected suspicious JavaScript with source url: anonymous function... This script exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code. It appears to be collecting sensitive information (user agent, platform, and error message) and sending it to an unknown domain. The script also attempts to clear the interval, which could be a tactic to hide its activities. Overall, the combination of these behaviors suggests this is a highly suspicious and potentially malicious script.

Source: https://case-id-1000228223704.counselschambers.co.uk/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon

Source: unknown

HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49734 version: TLS 1.2

Source: global traffic

TCP traffic: 192.168.2.4:49735 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.35
Source: unknown	TCP traffic detected without corresponding DNS query: 142.250.186.35
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /learning/access-management/phishing-attack/ HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://case-id-1000228223704.counselschambers.co.uk/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/learning/security/threats/phishing-attack/diagram-phishing-attack.png HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /slt3lc6tev37/2fMg89go9MegG1EDg39mNy/5a42817cd388ae352f77f56e53b1ff81/card-new.png HTTP/1.1Host: cf-assets.www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264b2c1c/banner-new.png HTTP/1.1Host: cf-assets.www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /img/privacyoptions.svg HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1Host: static.cloudflareinsights.comConnection: keep-aliveOrigin: https://www.cloudflare.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/learning/security/threats/phishing-attack/diagram-phishing-attack.png HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /public/vendor/onetrust/scripttemplates/otSDKStub.js HTTP/1.1Host: ot.www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /webpack-runtime-9510a2e22c3debbfcadd.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /framework-957a522640f43541ca6a.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app-435b8291d068da48aef5.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /img/privacyoptions.svg HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/f3b948d8acb8/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/app-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/phishing-attack/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/app-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/1048862057.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/phishing-attack/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/3199558980.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/333361657.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/3934964512.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /a06cff934e9579536ce1c10bad21c1d6d7f63ae0-90484db4602d401d94ca.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /component---src-components-learning-center-templates-learning-center-article-template-tsx-49a0a9ee350debcad655.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/1048862057.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/3199558980.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/3934964512.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /page-data/sq/d/333361657.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /174-242772ef10d8d161ae24.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /static/z/i.js HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855348637%2C%22hasActivity%22:false}; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99
Source: global traffic	HTTP traffic detected: GET /api/v1/marketo/form/2459 HTTP/1.1Host: api.www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://www.cloudflare.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f597f8065f97/065ba81630d7/launch-efab6d095ce0.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/z/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV2hhdCUyMGlzJTIwYSUyMHBoaXNoaW5nJTIwYXR0YWNrJTNGJTIwJTdDJTIwQ2xvdWRmbGFyZSUyMiUyQyUyMnglMjIlM0EwLjUzNjA1MDcxMTE0NzM4ODklMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTg5NyUyQyUyMmUlMjIlM0ExMjgwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmNsb3VkZmxhcmUuY29tJTJGbGVhcm5pbmclMkZhY2Nlc3MtbWFuYWdlbWVudCUyRnBoaXNoaW5nLWF0dGFjayUyRiUyMiUyQyUyMnIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNhc2UtaWQtMTAwMDIyODIyMzcwNC5jb3Vuc2Vsc2NoYW1iZXJzLmNvLnVrJTJGJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTI0MCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q= HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855348637%2C%22hasActivity%22:false}; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=91fa3d0c7d334fc9&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /page-data/plans/enterprise/contact/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveOrigin: https://www.cloudflare.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: application/signed-exchange;v=b3;q=0.7,/;q=0.8Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/what-is-sase/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveOrigin: https://www.cloudflare.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: application/signed-exchange;v=b3;q=0.7,/;q=0.8Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/what-is-identity-and-access-management/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveOrigin: https://www.cloudflare.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: application/signed-exchange;v=b3;q=0.7,/;q=0.8Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}
Source: global traffic	HTTP traffic detected: GET /page-data/plans/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveOrigin: https://www.cloudflare.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: application/signed-exchange;v=b3;q=0.7,/;q=0.8Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8AD56F28618A50850A495FB6%40AdobeOrg&d_nsid=0&ts=1741855352505 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0Accept: /Origin: https://www.cloudflare.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CvVersion%7C5.5.0; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D
Source: global traffic	HTTP traffic detected: GET /page-data/plans/enterprise/contact/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CvVersion%7C5.5.0; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7DIf-None-Match: W/"3d0fe1338314bc639300fdd71c5b3776"
Source: global traffic	HTTP traffic detected: GET /rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1741855354011&uuid=8599f7ff-b0ec-462a-acb2-fafef2230bc5&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280 HTTP/1.1Host: alb.reddit.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/what-is-sase/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CvVersion%7C5.5.0; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7DIf-None-Match: W/"ee8ac42ae8011b00f9d27d9cd528abb6"
Source: global traffic	HTTP traffic detected: GET /collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044 HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/what-is-identity-and-access-management/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CvVersion%7C5.5.0; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7DIf-None-Match: W/"108941dd9061eb0359283875891a94ff"
Source: global traffic	HTTP traffic detected: GET /page-data/plans/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/learning/access-management/phishing-attack/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855351538%2C%22hasActivity%22:true}; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CvVersion%7C5.5.0; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7DIf-None-Match: W/"df2df391a2dfb471df3766687f9a680a"
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: cloudflareinc.demdex.netConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=08700791949728329443240204663158695316
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8AD56F28618A50850A495FB6%40AdobeOrg&d_nsid=0&ts=1741855352505 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=08700791949728329443240204663158695316
Source: global traffic	HTTP traffic detected: GET /page-data/plans/enterprise/contact/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CvVersion%7C5.5.0; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855356121%2C%22confirmed%22:false}
Source: global traffic	HTTP traffic detected: GET /rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1741855354011&uuid=8599f7ff-b0ec-462a-acb2-fafef2230bc5&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280 HTTP/1.1Host: alb.reddit.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/what-is-sase/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CvVersion%7C5.5.0; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855356121%2C%22confirmed%22:false}
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/2108338990:1741854312:kocPlZoEnL-Ur0xUSk6P20f_z_K-VIujT9HM11emwkI/91fa3d0c7d334fc9/adzcIIGKg9gQRm_Nf1j782bxd2mkL2du_Rhq24H07f4-1741855351-1.1.1.1-Evb1QqO9qVI.GzCJPhqEvrM3cXcqimy64hAWyE.mqD5lHPcTzDNdGcz022Dgw4Ln HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CvVersion%7C5.5.0
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/91fa3d0c7d334fc9/1741855357449/143e90b3dcd67312f9ec4b30a0020819e9fb33e9183dd92fab01e6a2c66d505a/jlY0jueAKhQDqYT HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CvVersion%7C5.5.0
Source: global traffic	HTTP traffic detected: GET /page-data/learning/access-management/what-is-identity-and-access-management/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CvVersion%7C5.5.0; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855356121%2C%22confirmed%22:false}
Source: global traffic	HTTP traffic detected: GET /collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044&cookiesTest=true HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"
Source: global traffic	HTTP traffic detected: GET /page-data/plans/page-data.json HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; __cf_bm=BRcnPTsunMw_71CgTb1Ygn0kNnAfhbKNajoUG3DQBKQ-1741855334-1.0.1.1-o1d5TFKUwz9tp.7iirdPuIpcfBTSH3gdFs1zxVVW1ocff0g6CtZAE.9nFAGhrIOU0x._ByCgyWe4pX.nzORvbuPeTJ1yfB5H8V0GxbuiFsKfe71BHQOE8RINTZO3zA_A; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CvVersion%7C5.5.0; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855356121%2C%22confirmed%22:false}
Source: global traffic	HTTP traffic detected: GET /ee/v1/identity/acquire?configId=715c679b-19c8-4402-8093-423571ad58c4&requestId=0b374856-c5db-428c-8a99-e7d6c484bf02 HTTP/1.1Host: adobedc.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=08700791949728329443240204663158695316
Source: global traffic	HTTP traffic detected: GET /extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /710030.gif?pdata=d=desktop,lc=US,ref=case-id-1000228223704.counselschambers.co.uk HTTP/1.1Host: di.rlcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/91fa3d0c7d334fc9/1741855357450/U561WI3Nb0jDDtL HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CvVersion%7C5.5.0; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_identity=CiYwNTY0MjAzMjc3NzkwMjg4NTIyMjgyMzk4OTQ3ODI0NTE1MzcxMFIRCIKDrvXYMhgBKgRJUkwxMAPwAYKDrvXYMg==; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_cluster=irl1
Source: global traffic	HTTP traffic detected: GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ffmt%3Djs%26v%3D2%26url%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26time%3D1741855354011%26pid%3D28851%26conversionId%3D13043044%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP/1.1Host: www.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"; UserMatchHistory=AQIy7vg2a_6kigAAAZWOq4jI12KxsHgbs3HC8sa-v6cbcxCT2thXJcXHPeuTgiFdxhFKXUT61mawkw; AnalyticsSyncHistory=AQKSQ1V11o64fAAAAZWOq4jIxfIx0ki2jUqcktVngP3Dc62MckRxyoRGlJVjWBVFTO8Mb1maCj4-AVpfh6Emzg
Source: global traffic	HTTP traffic detected: GET /sl.js HTTP/1.1Host: scout-cdn.salesloft.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /li.lms-analytics/insight.min.js HTTP/1.1Host: snap.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /munchkin-beta.js HTTP/1.1Host: munchkin.marketo.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uwt.js HTTP/1.1Host: static.ads-twitter.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044&cookiesTest=true&liSync=true HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"; UserMatchHistory=AQIy7vg2a_6kigAAAZWOq4jI12KxsHgbs3HC8sa-v6cbcxCT2thXJcXHPeuTgiFdxhFKXUT61mawkw; AnalyticsSyncHistory=AQKSQ1V11o64fAAAAZWOq4jIxfIx0ki2jUqcktVngP3Dc62MckRxyoRGlJVjWBVFTO8Mb1maCj4-AVpfh6Emzg
Source: global traffic	HTTP traffic detected: GET /r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDkyNjh9.dguW7jthV1Y1wgRcAJfVrR_xsANK7zX9ZiD1wf0suvY HTTP/1.1Host: scout.salesloft.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://www.cloudflare.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/bizible.js HTTP/1.1Host: cdn.bizible.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /attribution_trigger?pid=28851&time=1741855365451&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: *sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.cloudflare.comAttribution-Reporting-Eligible: trigger;navigation-sourceAttribution-Reporting-Support: webSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i HTTP/1.1Host: scout.salesloft.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Origin: https://www.cloudflare.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDkyNjh9.dguW7jthV1Y1wgRcAJfVrR_xsANK7zX9ZiD1wf0suvY HTTP/1.1Host: scout.salesloft.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/sync?exc=lr HTTP/1.1Host: s.company-target.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044&cookiesTest=true&liSync=true HTTP/1.1Host: px.ads.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"; UserMatchHistory=AQIy7vg2a_6kigAAAZWOq4jI12KxsHgbs3HC8sa-v6cbcxCT2thXJcXHPeuTgiFdxhFKXUT61mawkw; AnalyticsSyncHistory=AQKSQ1V11o64fAAAAZWOq4jIxfIx0ki2jUqcktVngP3Dc62MckRxyoRGlJVjWBVFTO8Mb1maCj4-AVpfh6Emzg
Source: global traffic	HTTP traffic detected: GET /f597f8065f97/065ba81630d7/6d3ddf5fffa8/RC55904e5e1abc4d38a5f1ac3dea0edaab-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cm/dd?d_uuid=08700791949728329443240204663158695316 HTTP/1.1Host: cm.everesttech.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /attribution_trigger?pid=28851&time=1741855365451&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F HTTP/1.1Host: px.ads.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"; UserMatchHistory=AQIy7vg2a_6kigAAAZWOq4jI12KxsHgbs3HC8sa-v6cbcxCT2thXJcXHPeuTgiFdxhFKXUT61mawkw; AnalyticsSyncHistory=AQKSQ1V11o64fAAAAZWOq4jIxfIx0ki2jUqcktVngP3Dc62MckRxyoRGlJVjWBVFTO8Mb1maCj4-AVpfh6Emzg
Source: global traffic	HTTP traffic detected: GET /f597f8065f97/065ba81630d7/6d3ddf5fffa8/RC392ad6d4bbf94c7283b4eda6cbf689a0-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i HTTP/1.1Host: scout.salesloft.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?UIDM=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca HTTP/1.1Host: partners.tremorhub.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Z9KaigAAAEnIYwO- HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=08700791949728329443240204663158695316
Source: global traffic	HTTP traffic detected: GET /tap.php?nid=5578&put=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca&v=1181926 HTTP/1.1Host: pixel.rubiconproject.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /164/munchkin.js HTTP/1.1Host: munchkin.marketo.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?UIDM=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca HTTP/1.1Host: partners.tremorhub.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: tvid=ca0c2d06991e4012845e4e0d0b0cbe9f; tv_UIDM=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Z9KaigAAAEnIYwO- HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=08700791949728329443240204663158695316; dpm=08700791949728329443240204663158695316
Source: global traffic	HTTP traffic detected: GET /tap.php?nid=5578&put=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca&v=1181926 HTTP/1.1Host: pixel.rubiconproject.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: khaos=M873PRZH-K-4IYO; audit=1\|ro67tdqMeTveVkad+Vb1x+UH5VvgJmjiE/My6+wHvxwu7ZTtXHzuZw7J8Tfv7lgPvQrimP+sswuM1KxoLazIt5mwZQnb46mpTnZ8zABSQfp6oVQNrtwq9YTfQp8QH2+/fgEGahiUL/kNNsZ9Sxl4qSHXwWCNNcnncmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
Source: global traffic	HTTP traffic detected: GET /static/z/t HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_identity=CiYwNTY0MjAzMjc3NzkwMjg4NTIyMjgyMzk4OTQ3ODI0NTE1MzcxMFIRCIKDrvXYMhgBKgRJUkwxMAPwAYKDrvXYMg==; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_cluster=irl1; slireg=https://scout.us4.salesloft.com; _biz_uid=c6818a2111814449f72993c4a3476ef8; _biz_nA=2; _biz_pendingA=%5B%22ipv%3F_biz_r%3Dhttps%253A%252F%252Fcase-id-1000228223704.counselschambers.co.uk%252F%26_biz_h%3D-1777624096%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367551%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D0%26rnd%3D79654%22%2C%22u%3FmapType%3Decid%26mapValue%3D8AD56F28618A50850A495FB6%2540AdobeOrg_05642032777902885222823989478245153710%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367558%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D1%26rnd%3D78974%22%5D; _biz_flagsA=%7B%22Version%22%3A1%2C%22Ecid%22%3A%22-301400296%22%7D; sliguid=59a687bd-d890-4353-9f6d-c64e53f3fd6a; slirequested=true; __q_state_37pXYrro6wCZbsU7=eyJ1dWlkIjoiZjRiMjIwOTgtODkwNC00YmNlLTgwZDItNWViZDM3Mzg2ZjU5IiwiY29va2llRG9tYWluIjoiY2xvdWRmbGFyZS5jb20ifQ==; _lr_tabs_-ykolez%2Fcloudflarecom={%22recordingID%22:%226-01958eab-4e9c-753e-a790-1e79c86da389%22%2C%22sessionID%22:0%2C%22lastActivity%22:1741855373044%2C%22hasActivity%22:true%2C%22recordingConditionThreshold%22:6.976063766181562}; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7
Source: global traffic	HTTP traffic detected: GET /collect?v=2&fmt=js&pid=28851&time=1741855365451&li_adsId=0d119822-40c7-45d2-8b87-39913f3f9312&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"; UserMatchHistory=AQIy7vg2a_6kigAAAZWOq4jI12KxsHgbs3HC8sa-v6cbcxCT2thXJcXHPeuTgiFdxhFKXUT61mawkw; AnalyticsSyncHistory=AQKSQ1V11o64fAAAAZWOq4jIxfIx0ki2jUqcktVngP3Dc62MckRxyoRGlJVjWBVFTO8Mb1maCj4-AVpfh6Emzg; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855367553 HTTP/1.1Host: cdn.bizible.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /464526.gif HTTP/1.1Host: id.rlcdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcvCGSWDtdcXZIVIOPKiiBgdrIcnUCBSueMJKW1qlEE7TI-1741855351-1.3.1.1-Bg36sU4MslyTDYBtb72CbuDFZgxXoMH9aQunoXaaoUA/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/failure_retry/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_identity=CiYwNTY0MjAzMjc3NzkwMjg4NTIyMjgyMzk4OTQ3ODI0NTE1MzcxMFIRCIKDrvXYMhgBKgRJUkwxMAPwAYKDrvXYMg==; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_cluster=irl1; _biz_uid=c6818a2111814449f72993c4a3476ef8; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CMCSYNCSOP%7C411-20168%7CvVersion%7C5.5.0; _mkto_trk=id:713-XSC-918&token:_mch-cloudflare.com-16cf1d72bfff4c0d587263a2ce22b58b; _biz_nA=3; _biz_pendingA=%5B%22ipv%3F_biz_r%3Dhttps%253A%252F%252Fcase-id-1000228223704.counselschambers.co.uk%252F%26_biz_h%3D-1777624096%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367551%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D0%26rnd%3D79654%22%2C%22u%3FmapType%3Decid%26mapValue%3D8AD56F28618A50850A495FB6%2540AdobeOrg_05642032777902885222823989478245153710%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367558%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D1%26rnd%3D7897
Source: global traffic	HTTP traffic detected: GET /collect?v=2&fmt=js&pid=28851&time=1741855365451&li_adsId=0d119822-40c7-45d2-8b87-39913f3f9312&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F HTTP/1.1Host: px.ads.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"; UserMatchHistory=AQIy7vg2a_6kigAAAZWOq4jI12KxsHgbs3HC8sa-v6cbcxCT2thXJcXHPeuTgiFdxhFKXUT61mawkw; AnalyticsSyncHistory=AQKSQ1V11o64fAAAAZWOq4jIxfIx0ki2jUqcktVngP3Dc62MckRxyoRGlJVjWBVFTO8Mb1maCj4-AVpfh6Emzg; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855367553 HTTP/1.1Host: cdn.bizible.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _BUID=c6818a2111814449f72993c4a3476ef8
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=91fa3dc9ff6662d6&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcvCGSWDtdcXZIVIOPKiiBgdrIcnUCBSueMJKW1qlEE7TI-1741855351-1.3.1.1-Bg36sU4MslyTDYBtb72CbuDFZgxXoMH9aQunoXaaoUA/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/failure_retry/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_identity=CiYwNTY0MjAzMjc3NzkwMjg4NTIyMjgyMzk4OTQ3ODI0NTE1MzcxMFIRCIKDrvXYMhgBKgRJUkwxMAPwAYKDrvXYMg==; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_cluster=irl1; _biz_uid=c6818a2111814449f72993c4a3476ef8; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CMCSYNCSOP%7C411-20168%7CvVersion%7C5.5.0; _mkto_trk=id:713-XSC-918&token:_mch-cloudflare.com-16cf1d72bfff4c0d587263a2ce22b58b; _biz_nA=3; _biz_pendingA=%5B%22ipv%3F_biz_r%3Dhttps%253A%252F%252Fcase-id-1000228223704.counselschambers.co.uk%252F%26_biz_h%3D-1777624096%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367551%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D0%26rnd%3D79654%22%2C%22u%3FmapType%3Decid%26mapValue%3D8AD56F28618A50850A495FB6%2540AdobeOrg_05642032777902885222823989478245153710%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367558%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D1%26rnd%3D78974%22%2C%22u%3FmapType%3Dmkto%26mapValue%3Did%253A713-XSC-918%2526token
Source: global traffic	HTTP traffic detected: GET /static/z/t HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _cfms_willow=enable; _lr_hb_-ykolez%2Fcloudflarecom={%22heartbeat%22:1741855348637}; _lr_uf_-ykolez=6e54c726-aa98-444e-bfa1-db8d674aaf99; cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_identity=CiYwNTY0MjAzMjc3NzkwMjg4NTIyMjgyMzk4OTQ3ODI0NTE1MzcxMFIRCIKDrvXYMhgBKgRJUkwxMAPwAYKDrvXYMg==; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_cluster=irl1; slireg=https://scout.us4.salesloft.com; _biz_uid=c6818a2111814449f72993c4a3476ef8; sliguid=59a687bd-d890-4353-9f6d-c64e53f3fd6a; slirequested=true; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CMCSYNCSOP%7C411-20168%7CvVersion%7C5.5.0; _mkto_trk=id:713-XSC-918&token:_mch-cloudflare.com-16cf1d72bfff4c0d587263a2ce22b58b; __cf_bm=p8U1g3XRN5plcF7vxd0vP8K09xIl099fuaS.2vzkm5o-1741855374-1.0.1.1-03boDSgrQLvfvSIxvshd74aTQSpGpwzcoHbNZN6xgsHhmAoNPf5YJJaEfSZcaCMaPchIz4g_SrQoxCcg0Mg3Lr7IYK49eEU08KgqhzCV.g.joZyHjFeLGKFKOd7WUPrn; _biz_nA=3; _biz_pendingA=%5B%22ipv%3F_biz_r%3Dhttps%253A%252F%252Fcase-id-1000228223704.counselschambers.co.uk%252F%26_biz_h%3D-1777624096%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367551%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D0%26rnd%3D79654%22%2C%22u%3FmapType%3Decid%26mapValue%3D8AD56F28618A50850A495FB6%2540AdobeOrg_05642032777902885222823989478245153710%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367558%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D1%26rnd%3D78974%22%2C%22u%3FmapType%3Dmkto%26mapValue%3Did%253A713-XSC-918%2526token%253A_mch-cloudflar
Source: global traffic	HTTP traffic detected: GET /ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855370560 HTTP/1.1Host: cdn.bizible.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _BUID=c6818a2111814449f72993c4a3476ef8
Source: global traffic	HTTP traffic detected: GET /collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855387773&pid=28851&conversionId=20071137 HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=50e59281-7f43-44f9-bb74-fdce41ae990a; bcookie="v=2&90eef08f-367a-4553-83f5-62d1c1745a62"; lidc="b=TGST03:s=T:r=T:a=T:p=T:g=3447:u=1:x=1:i=1741855358:t=1741941758:v=2:sig=AQEJgvf7R5lRYgyvYqCQjRZgjWz3m8fE"; UserMatchHistory=AQIy7vg2a_6kigAAAZWOq4jI12KxsHgbs3HC8sa-v6cbcxCT2thXJcXHPeuTgiFdxhFKXUT61mawkw; AnalyticsSyncHistory=AQKSQ1V11o64fAAAAZWOq4jIxfIx0ki2jUqcktVngP3Dc62MckRxyoRGlJVjWBVFTO8Mb1maCj4-AVpfh6Emzg; ar_debug=1
Source: global traffic	HTTP traffic detected: GET /i?a=ykolez%2Fcloudflarecom&r=6-01958eab-4e9c-753e-a790-1e79c86da389&t=81ad2603-0910-4ac1-8556-51977cbf7b20&s=0&rs=0%2Ct&ct=6.976063766181562 HTTP/1.1Host: r.logr-ingest.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855373569 HTTP/1.1Host: cdn.bizible.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.cloudflare.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _BUID=c6818a2111814449f72993c4a3476ef8
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1623600856:1741854404:M7KpCmSbWHDZpjbLRwsh69gZF1PEsq0IKE7m8p2GqXo/91fa3dc9ff6662d6/ZpxXGD6n3Z5sd33GEOMVkWohhKCd.Kx_wALJwVJEEWA-1741855382-1.1.1.1-lKvf0X7xmgAzcLkcyoC6G9pX3KHBUkYmhqK5S69eutJ0m.C0wA76wXWAVsPj9T5A HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: cfz_facebook-pixel=%7B%22OwdI_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1658193088%22%2C%22e%22%3A1773391354011%7D%2C%22VVgx_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1993518844%22%2C%22e%22%3A1773391354011%7D%2C%22bHox_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1485756976%22%2C%22e%22%3A1773391354011%7D%2C%22elKW_fb-pixel%22%3A%7B%22v%22%3A%22fb.2.1741855354011.1558078048%22%2C%22e%22%3A1773391354011%7D%7D; cfz_reddit=%7B%22fZaD_reddit_uuid%22%3A%7B%22v%22%3A%221741855354011.8599f7ff-b0ec-462a-acb2-fafef2230bc5%22%2C%22e%22%3A1773391354011%7D%7D; AMCVS_8AD56F28618A50850A495FB6%40AdobeOrg=1; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_identity=CiYwNTY0MjAzMjc3NzkwMjg4NTIyMjgyMzk4OTQ3ODI0NTE1MzcxMFIRCIKDrvXYMhgBKgRJUkwxMAPwAYKDrvXYMg==; kndctr_8AD56F28618A50850A495FB6_AdobeOrg_cluster=irl1; _biz_uid=c6818a2111814449f72993c4a3476ef8; AMCV_8AD56F28618A50850A495FB6%40AdobeOrg=179643557%7CMCIDTS%7C20161%7CMCMID%7C05642032777902885222823989478245153710%7CMCAAMLH-1742460156%7C6%7CMCAAMB-1742460156%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1741862556s%7CNONE%7CMCSYNCSOP%7C411-20168%7CvVersion%7C5.5.0; _mkto_trk=id:713-XSC-918&token:_mch-cloudflare.com-16cf1d72bfff4c0d587263a2ce22b58b; _biz_nA=3; _biz_pendingA=%5B%22ipv%3F_biz_r%3Dhttps%253A%252F%252Fcase-id-1000228223704.counselschambers.co.uk%252F%26_biz_h%3D-1777624096%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367551%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D0%26rnd%3D79654%22%2C%22u%3FmapType%3Decid%26mapValue%3D8AD56F28618A50850A495FB6%2540AdobeOrg_05642032777902885222823989478245153710%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_biz_t%3D1741855367558%26_biz_i%3DWhat%2520is%2520a%2520phishing%2520attack%253F%2520%257C%2520Cloudflare%26_biz_n%3D1%26rnd%3D78974%22%2C%22u%3FmapType%3Dmkto%26mapValue%3Did%253A713-XSC-918%2526token%253A_mch-cloudflare.com-16cf1d72bfff4c0d587263a2ce22b58b%26_biz_u%3Dc6818a2111814449f72993c4a3476ef8%26_biz_l%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26_b
Source: global traffic	HTTP traffic detected: GET /ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855370560 HTTP/1.1Host: cdn.bizible.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: _BUID=c6818a2111814449f72993c4a3476ef8

Source: chromecache_165.3.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-e7aa9138-8236-41e7-8838-ded5105dd364%5C%22))%7D%22%2C%22order-id%22%3A%22e7aa9138-8236-41e7-8838-ded5105dd364%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-df3e9ee1-1b87-4188-817d-0fe6033c7e9f%5C%22))%7D%22%2C%22order-id%22%3A%22df3e9ee1-1b87-4188-817d-0fe6033c7e9f%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);}})(window,document)"],"f":[["https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044",{"credentials":"include","keepalive":true,"mode":"no-cors"}],["https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1741855354011&uuid=8599f7ff-b0ec-462a-acb2-fafef2230bc5&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280",{"mode":"no-cors","keepalive":true,"credentials":"include"}]]})})(window,document)}ca
Source: chromecache_165.3.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-e7aa9138-8236-41e7-8838-ded5105dd364%5C%22))%7D%22%2C%22order-id%22%3A%22e7aa9138-8236-41e7-8838-ded5105dd364%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-df3e9ee1-1b87-4188-817d-0fe6033c7e9f%5C%22))%7D%22%2C%22order-id%22%3A%22df3e9ee1-1b87-4188-817d-0fe6033c7e9f%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);}})(window,document)"],"f":[["https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044",{"credentials":"include","keepalive":true,"mode":"no-cors"}],["https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1741855354011&uuid=8599f7ff-b0ec-462a-acb2-fafef2230bc5&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280",{"mode":"no-cors","keepalive":true,"credentials":"include"}]]})})(window,document)}ca
Source: chromecache_127.3.dr, chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: return f}CG.K="internal.enableAutoEventOnTimer";var cc=wa(["data-gtm-yt-inspected-"]),EG=["www.youtube.com","www.youtube-nocookie.com"],FG,GG=!1; equals www.youtube.com (Youtube)
Source: chromecache_120.3.dr	String found in binary or memory: var RF=function(a,b,c,d,e){var f=NC("fsl",c?"nv.mwt":"mwt",0),g;g=c?NC("fsl","nv.ids",[]):NC("fsl","ids",[]);if(!g.length)return!0;var k=SC(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);Q(121);if(m==="https://www.facebook.com/tr/")return Q(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!AB(k,CB(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: case-id-1000228223704.counselschambers.co.uk
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cf-assets.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: performance.radar.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ot.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.logr-ingest.com
Source: global traffic	DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic	DNS traffic detected: DNS query: api.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: r.logr-ingest.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: alb.reddit.com
Source: global traffic	DNS traffic detected: DNS query: adobedc.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cloudflareinc.demdex.net
Source: global traffic	DNS traffic detected: DNS query: di.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: edge.adobedc.net
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: tag.demandbase.com
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: scout-cdn.salesloft.com
Source: global traffic	DNS traffic detected: DNS query: static.ads-twitter.com
Source: global traffic	DNS traffic detected: DNS query: munchkin.marketo.net
Source: global traffic	DNS traffic detected: DNS query: cdn.bizible.com
Source: global traffic	DNS traffic detected: DNS query: scout.salesloft.com
Source: global traffic	DNS traffic detected: DNS query: js.qualified.com
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: api.company-target.com
Source: global traffic	DNS traffic detected: DNS query: s.company-target.com
Source: global traffic	DNS traffic detected: DNS query: dsum-sec.casalemedia.com
Source: global traffic	DNS traffic detected: DNS query: partners.tremorhub.com
Source: global traffic	DNS traffic detected: DNS query: pixel.rubiconproject.com
Source: global traffic	DNS traffic detected: DNS query: ws6.qualified.com
Source: global traffic	DNS traffic detected: DNS query: app.qualified.com
Source: global traffic	DNS traffic detected: DNS query: tag-logger.demandbase.com
Source: global traffic	DNS traffic detected: DNS query: t.co
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: id.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: w3-reporting-nel.reddit.com
Source: global traffic	DNS traffic detected: DNS query: beacons.gcp.gvt2.com
Source: global traffic	DNS traffic detected: DNS query: cdn.bizibly.com
Source: global traffic	DNS traffic detected: DNS query: beacons.gvt2.com

Source: unknown

HTTP traffic detected: POST /report/v4?s=IZVKZyW9d2HQXv%2F4LafB9EiNwO0dBw2l8WVMGsIwr%2FoJRLESVC%2BSsGeZkWgrCfu2ivuEMATDmSbXV8IX8a%2BXm9qz%2FXyAjJc0oFgQ1ahi%2BtLXXwe%2BmxNiqSTzyab7l713kqLWwlktDVf8DxMH2vPb8f7XEdcovm492mW3hVsCZQ%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 409Content-Type: application/reports+jsonOrigin: https://case-id-1000228223704.counselschambers.co.ukUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: cloudflareDate: Thu, 13 Mar 2025 08:42:17 GMTContent-Type: text/htmlContent-Length: 553Connection: closeCF-RAY: 91fa3cb40d664fd5-ORF
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: cloudflareDate: Thu, 13 Mar 2025 08:42:17 GMTContent-Type: text/htmlContent-Length: 553Connection: closeCF-RAY: 91fa3cb43a5f4fe8-ORF
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: cloudflareDate: Thu, 13 Mar 2025 08:42:19 GMTContent-Type: text/htmlContent-Length: 553Connection: closeCF-RAY: 91fa3cc2e8234fe8-ORF
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenServer: cloudflareDate: Thu, 13 Mar 2025 08:42:31 GMTContent-Type: text/htmlContent-Length: 553Connection: closeCF-RAY: 91fa3d0bef274fd2-ORF

Source: chromecache_132.3.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_132.3.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_165.3.dr	String found in binary or memory: https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1741855354011&uuid=8599f7ff-b0ec-462
Source: chromecache_123.3.dr, chromecache_162.3.dr	String found in binary or memory: https://api.www.cloudflare.com/api/v1
Source: chromecache_102.3.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/6d3ddf5fffa8/RC392ad6d4bbf94c7283b4eda6cbf689a
Source: chromecache_148.3.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/6d3ddf5fffa8/RC55904e5e1abc4d38a5f1ac3dea0edaa
Source: chromecache_159.3.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/launch-efab6d095ce0.js
Source: chromecache_127.3.dr, chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_131.3.dr, chromecache_97.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/17RhepZZwxiD452Hs0gKFk/5324e2c81dcdef79c74efea2c60
Source: chromecache_136.3.dr, chromecache_125.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2dlg4oApldWlYGAWdzwN7C/3b0f1908d3e4ca00a193c2fd679
Source: chromecache_140.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2fMg89go9MegG1EDg39mNy/5a42817cd388ae352f77f56e53b
Source: chromecache_131.3.dr, chromecache_97.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/3aiXyraQa82SPHcEOgsxLq/ace1025cc5204f2ca8885646b8b
Source: chromecache_98.3.dr, chromecache_101.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad8
Source: chromecache_98.3.dr, chromecache_101.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab
Source: chromecache_140.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264
Source: chromecache_99.3.dr, chromecache_160.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/6i8d186tH2iueYvgwVRaJf/ab27fd31033bdd31aea69065480
Source: chromecache_99.3.dr, chromecache_160.3.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/mJZqOomHta2MLLB73P8Hs/9378861761815b3adf7bcb7734d6
Source: chromecache_104.3.dr, chromecache_133.3.dr	String found in binary or memory: https://developers.marketo.com/MunchkinLicense.pdf
Source: chromecache_114.3.dr	String found in binary or memory: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1757752970&external_user_id=7710d23
Source: chromecache_140.3.dr	String found in binary or memory: https://github.com/jonsuh/hamburgers
Source: chromecache_120.3.dr	String found in binary or memory: https://google.com
Source: chromecache_120.3.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_140.3.dr	String found in binary or memory: https://jonsuh.com/hamburgers
Source: chromecache_132.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_127.3.dr, chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_114.3.dr	String found in binary or memory: https://partners.tremorhub.com/sync?UIDM=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca
Source: chromecache_114.3.dr	String found in binary or memory: https://pixel.rubiconproject.com/tap.php?nid=5578&put=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca&v
Source: chromecache_165.3.dr	String found in binary or memory: https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Fac
Source: chromecache_165.3.dr	String found in binary or memory: https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif
Source: chromecache_97.3.dr	String found in binary or memory: https://schema.org/Answer
Source: chromecache_140.3.dr	String found in binary or memory: https://schema.org/FAQPage
Source: chromecache_97.3.dr	String found in binary or memory: https://schema.org/Question
Source: chromecache_165.3.dr	String found in binary or memory: https://scout-cdn.salesloft.com/sl.js
Source: chromecache_145.3.dr, chromecache_106.3.dr	String found in binary or memory: https://scout.us4.salesloft.com
Source: chromecache_165.3.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_111.3.dr	String found in binary or memory: https://staging.mrk.cfdata.org/mrk/redwood-blade-repository/
Source: chromecache_165.3.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: chromecache_127.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_127.3.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_136.3.dr, chromecache_125.3.dr	String found in binary or memory: https://support.cloudflare.com/)
Source: chromecache_165.3.dr	String found in binary or memory: https://tag.demandbase.com/1be41a80498a5b73.min.js
Source: chromecache_127.3.dr, chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_131.3.dr, chromecache_97.3.dr	String found in binary or memory: https://unctad.org/page/data-protection-and-privacy-legislation-worldwide
Source: chromecache_123.3.dr, chromecache_162.3.dr	String found in binary or memory: https://www.cloudflare.com
Source: chromecache_131.3.dr, chromecache_97.3.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/what-is-browser-isolation/
Source: chromecache_136.3.dr, chromecache_125.3.dr	String found in binary or memory: https://www.cloudflare.com/lp/forrester-tei-study-2024/
Source: chromecache_115.3.dr	String found in binary or memory: https://www.cloudflare.com/saas/)
Source: chromecache_132.3.dr	String found in binary or memory: https://www.google.com
Source: chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://www.google.com/gmp/conversion;
Source: chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_132.3.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_127.3.dr, chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_127.3.dr, chromecache_120.3.dr, chromecache_132.3.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_127.3.dr	String found in binary or memory: https://www.merchant-center-analytics.goog

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown

HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49734 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\scoped_dir6104_127455605

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\scoped_dir6104_127455605

Jump to behavior

Source: classification engine

Classification label: mal60.phis.win@26/127@157/46

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2324,i,8983884021095793227,17932107360871888839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2348 /prefetch:3
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://case-id-1000228223704.counselschambers.co.uk/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2324,i,8983884021095793227,17932107360871888839,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2348 /prefetch:3	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 File Deletion	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://case-id-1000228223704.counselschambers.co.uk/	100%	Avira URL Cloud	malware

Source	Detection	Scanner	Label	Link
https://developers.marketo.com/MunchkinLicense.pdf	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
prod-default.lb.logrocket.network	104.198.23.205	true	false	high
static.cloudflareinsights.com	104.16.80.73	true	false	high
pixel.rubiconproject.net.akadns.net	69.173.144.138	true	false	high
beacons-handoff.gcp.gvt2.com	142.251.143.35	true	false	high
scout-cdn.salesloft.com.cdn.cloudflare.net	104.16.71.105	true	false	high
s.dsp-prod.demandbase.com	34.96.71.22	true	false	high
e10776.b.akamaiedge.net	104.73.230.208	true	false	high
scout.us1.salesloft.com	52.206.41.94	true	false	high
platform.twitter.map.fastly.net	146.75.120.157	true	false	high
beacons6.gvt2.com	142.250.185.67	true	false	high
ot.www.cloudflare.com	104.16.123.96	true	false	high
l-0005.l-msedge.net	13.107.42.14	true	false	high
tag.demandbase.com	18.245.46.44	true	false	high
t.co	162.159.140.229	true	false	high
performance.radar.cloudflare.com	104.18.31.78	true	false	high
www.google.com	142.250.185.132	true	false	high
demdex.net.ssl.sc.omtrdc.net	63.140.62.17	true	false	high
api.www.cloudflare.com	104.16.123.96	true	false	high
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	18.203.49.17	true	false	high
partners-1864332697.us-east-1.elb.amazonaws.com	52.55.67.121	true	false	high
cf-assets.www.cloudflare.com	104.16.123.96	true	false	high
id.rlcdn.com	35.244.174.68	true	false	high
tag-logger.demandbase.com	18.173.205.94	true	false	high
a798.dscd.akamai.net	2.22.242.136	true	false	high
a.nel.cloudflare.com	35.190.80.1	true	false	high
s.twitter.com	172.66.0.227	true	false	high
cm.everesttech.net.akadns.net	34.252.237.254	true	false	high
js.qualified.com	104.18.16.5	true	false	high
ws6.qualified.com	104.18.16.5	true	false	high
beacons.gvt2.com	142.250.185.163	true	false	high
ax-0001.ax-msedge.net	150.171.28.10	true	false	high
case-id-1000228223704.counselschambers.co.uk	104.21.70.234	true	false	unknown
di.rlcdn.com	35.244.174.68	true	false	high
www.cloudflare.com	104.16.124.96	true	false	high
cdn.logr-ingest.com	104.21.64.1	true	false	high
reddit.map.fastly.net	151.101.193.140	true	false	high
dsum-sec.casalemedia.com	104.18.27.193	true	false	high
e7808.dscg.akamaiedge.net	2.19.105.89	true	false	high
challenges.cloudflare.com	104.18.94.41	true	false	high
adobedc.net.ssl.sc.omtrdc.net	63.140.62.17	true	false	high
api.company-target.com	18.66.102.75	true	false	high
app.qualified.com	104.18.17.5	true	false	high
a1916.dscg2.akamai.net	88.221.110.136	true	false	high
alb.reddit.com	unknown	unknown	false	high
static.ads-twitter.com	unknown	unknown	false	high
scout.salesloft.com	unknown	unknown	false	high
scout-cdn.salesloft.com	unknown	unknown	false	high
beacons.gcp.gvt2.com	unknown	unknown	false	high
w3-reporting-nel.reddit.com	unknown	unknown	false	high
cm.everesttech.net	unknown	unknown	false	high
cdn.bizibly.com	unknown	unknown	false	high
cloudflareinc.demdex.net	unknown	unknown	false	high
adobedc.demdex.net	unknown	unknown	false	high
cdn.bizible.com	unknown	unknown	false	high
dpm.demdex.net	unknown	unknown	false	high
s.company-target.com	unknown	unknown	false	high
assets.adobedtm.com	unknown	unknown	false	high
www.linkedin.com	unknown	unknown	false	high
pixel.rubiconproject.com	unknown	unknown	false	high
px.ads.linkedin.com	unknown	unknown	false	high
munchkin.marketo.net	unknown	unknown	false	high
analytics.twitter.com	unknown	unknown	false	high
r.logr-ingest.com	unknown	unknown	false	high
snap.licdn.com	unknown	unknown	false	high
edge.adobedc.net	unknown	unknown	false	high
partners.tremorhub.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Reputation
https://www.cloudflare.com/learning/access-management/phishing-attack/	false	high
https://cm.everesttech.net/cm/dd?d_uuid=08700791949728329443240204663158695316	false	high
https://a.nel.cloudflare.com/report/v4?s=IZVKZyW9d2HQXv%2F4LafB9EiNwO0dBw2l8WVMGsIwr%2FoJRLESVC%2BSsGeZkWgrCfu2ivuEMATDmSbXV8IX8a%2BXm9qz%2FXyAjJc0oFgQ1ahi%2BtLXXwe%2BmxNiqSTzyab7l713kqLWwlktDVf8DxMH2vPb8f7XEdcovm492mW3hVsCZQ%3D%3D	false	high
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	false	high
https://www.cloudflare.com/page-data/learning/access-management/what-is-identity-and-access-management/page-data.json	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcvCGSWDtdcXZIVIOPKiiBgdrIcnUCBSueMJKW1qlEE7TI-1741855351-1.3.1.1-Bg36sU4MslyTDYBtb72CbuDFZgxXoMH9aQunoXaaoUA/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/failure_retry/normal/auto/	false	high
https://id.rlcdn.com/464526.gif	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=91fa3d0c7d334fc9&lang=auto	false	high
https://cloudflareinc.demdex.net/dest5.html?d_nsid=0	false	high
https://w3-reporting-nel.reddit.com/reports	false	high
https://www.cloudflare.com/static/z/i.js	false	high
https://adobedc.demdex.net/ee/v1/identity/acquire?configId=715c679b-19c8-4402-8093-423571ad58c4&requestId=0b374856-c5db-428c-8a99-e7d6c484bf02	false	high
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28851&time=1741855365451&li_adsId=0d119822-40c7-45d2-8b87-39913f3f9312&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F	false	high
https://partners.tremorhub.com/sync?UIDM=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca	false	high
https://www.cloudflare.com/page-data/sq/d/3934964512.json	false	high
https://challenges.cloudflare.com/turnstile/v0/g/f3b948d8acb8/api.js	false	high
https://www.cloudflare.com/static/z/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV2hhdCUyMGlzJTIwYSUyMHBoaXNoaW5nJTIwYXR0YWNrJTNGJTIwJTdDJTIwQ2xvdWRmbGFyZSUyMiUyQyUyMnglMjIlM0EwLjUzNjA1MDcxMTE0NzM4ODklMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTg5NyUyQyUyMmUlMjIlM0ExMjgwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3LmNsb3VkZmxhcmUuY29tJTJGbGVhcm5pbmclMkZhY2Nlc3MtbWFuYWdlbWVudCUyRnBoaXNoaW5nLWF0dGFjayUyRiUyMiUyQyUyMnIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNhc2UtaWQtMTAwMDIyODIyMzcwNC5jb3Vuc2Vsc2NoYW1iZXJzLmNvLnVrJTJGJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTI0MCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=	false	high
https://www.cloudflare.com/page-data/plans/page-data.json	false	high
https://scout.salesloft.com/i	false	high
https://munchkin.marketo.net/munchkin-beta.js	false	high
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264b2c1c/banner-new.png	false	high
https://www.cloudflare.com/page-data/plans/enterprise/contact/page-data.json	false	high
https://cdn.bizible.com/ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855367553	false	high
https://api.www.cloudflare.com/api/v1/marketo/form/2459	false	high
https://assets.adobedtm.com/f597f8065f97/065ba81630d7/6d3ddf5fffa8/RC55904e5e1abc4d38a5f1ac3dea0edaab-source.min.js	false	high
https://www.cloudflare.com/img/learning/security/threats/phishing-attack/diagram-phishing-attack.png	false	high
https://www.cloudflare.com/a06cff934e9579536ce1c10bad21c1d6d7f63ae0-90484db4602d401d94ca.js	false	high
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044&cookiesTest=true&liSync=true	false	high
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js	false	high
https://scout-cdn.salesloft.com/sl.js	false	high
https://static.ads-twitter.com/uwt.js	false	high
https://www.cloudflare.com/174-242772ef10d8d161ae24.js	false	high
https://cdn.bizible.com/ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855370560	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1623600856:1741854404:M7KpCmSbWHDZpjbLRwsh69gZF1PEsq0IKE7m8p2GqXo/91fa3dc9ff6662d6/ZpxXGD6n3Z5sd33GEOMVkWohhKCd.Kx_wALJwVJEEWA-1741855382-1.1.1.1-lKvf0X7xmgAzcLkcyoC6G9pX3KHBUkYmhqK5S69eutJ0m.C0wA76wXWAVsPj9T5A	false	high
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8AD56F28618A50850A495FB6%40AdobeOrg&d_nsid=0&ts=1741855352505	false	high
https://cdn.bizible.com/ipv?_biz_r=https%3A%2F%2Fcase-id-1000228223704.counselschambers.co.uk%2F&_biz_h=-1777624096&_biz_u=c6818a2111814449f72993c4a3476ef8&_biz_l=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&_biz_t=1741855367551&_biz_i=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare&_biz_n=0&rnd=79654&cdn_o=a&_biz_z=1741855373569	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1	false	high
https://www.cloudflare.com/page-data/app-data.json	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2108338990:1741854312:kocPlZoEnL-Ur0xUSk6P20f_z_K-VIujT9HM11emwkI/91fa3d0c7d334fc9/adzcIIGKg9gQRm_Nf1j782bxd2mkL2du_Rhq24H07f4-1741855351-1.1.1.1-Evb1QqO9qVI.GzCJPhqEvrM3cXcqimy64hAWyE.mqD5lHPcTzDNdGcz022Dgw4Ln	false	high
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ffmt%3Djs%26v%3D2%26url%3Dhttps%253A%252F%252Fwww.cloudflare.com%252Flearning%252Faccess-management%252Fphishing-attack%252F%26time%3D1741855354011%26pid%3D28851%26conversionId%3D13043044%26cookiesTest%3Dtrue%26liSync%3Dtrue	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/3hpyo/0x4AAAAAAAnv2jFa1hO0Znbl/light/fbE/new/normal/auto/	false	high
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1741855354011&uuid=8599f7ff-b0ec-462a-acb2-fafef2230bc5&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280	false	high
https://px.ads.linkedin.com/wa/	false	high
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js	false	high
https://www.cloudflare.com/cdn-cgi/rum?	false	high
https://www.cloudflare.com/page-data/sq/d/3199558980.json	false	high
https://case-id-1000228223704.counselschambers.co.uk/	true	unknown
https://assets.adobedtm.com/f597f8065f97/065ba81630d7/6d3ddf5fffa8/RC392ad6d4bbf94c7283b4eda6cbf689a0-source.min.js	false	high
https://www.cloudflare.com/page-data/learning/access-management/what-is-sase/page-data.json	false	high
https://s.company-target.com/s/sync?exc=lr	false	high
https://www.cloudflare.com/component---src-components-learning-center-templates-learning-center-article-template-tsx-49a0a9ee350debcad655.js	false	high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/2fMg89go9MegG1EDg39mNy/5a42817cd388ae352f77f56e53b1ff81/card-new.png	false	high
https://ot.www.cloudflare.com/public/vendor/onetrust/scripttemplates/otSDKStub.js	false	high
https://www.cloudflare.com/page-data/learning/access-management/phishing-attack/page-data.json	false	high
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855387773&pid=28851&conversionId=20071137	false	high
https://munchkin.marketo.net/164/munchkin.js	false	high
https://www.cloudflare.com/page-data/sq/d/1048862057.json	false	high
https://a.nel.cloudflare.com/report/v4?s=JlJQlMS02lZxBCdjAetP0aVmyMAYFoIpj1jcdr4v9c1WaHAPIAwg%2BfazO1GbH317L6RJ6ZjwdYVXuyDWFZgaPF7U%2F2fONitXZccHJtVqYG0s0%2FshiEhBSEN%2FiobkUcb9KJI0JyWTYAfWN1GH0HhzsmfvlLsmI8hotgl4RzZ55w%3D%3D	false	high
https://di.rlcdn.com/710030.gif?pdata=d=desktop,lc=US,ref=case-id-1000228223704.counselschambers.co.uk	false	high
https://pixel.rubiconproject.com/tap.php?nid=5578&put=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca&v=1181926	false	high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/91fa3d0c7d334fc9/1741855357450/U561WI3Nb0jDDtL	false	high
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&time=1741855354011&pid=28851&conversionId=13043044&cookiesTest=true	false	high
https://cdn.bizible.com/scripts/bizible.js	false	high
https://www.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	false	high
https://www.cloudflare.com/static/z/t	false	high
https://www.cloudflare.com/page-data/sq/d/333361657.json	false	high
https://www.cloudflare.com/app-435b8291d068da48aef5.js	false	high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_127.3.dr	false		high
https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif	chromecache_165.3.dr	false		high
https://unctad.org/page/data-protection-and-privacy-legislation-worldwide	chromecache_131.3.dr, chromecache_97.3.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6i8d186tH2iueYvgwVRaJf/ab27fd31033bdd31aea69065480	chromecache_99.3.dr, chromecache_160.3.dr	false		high
https://www.cloudflare.com/saas/)	chromecache_115.3.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab	chromecache_98.3.dr, chromecache_101.3.dr	false		high
https://www.google.com	chromecache_132.3.dr	false		high
https://pixel.rubiconproject.com/tap.php?nid=5578&put=7710d23f-1199-4276-ac6a-0ed3f8c4d1ca&v	chromecache_114.3.dr	false		high
https://schema.org/FAQPage	chromecache_140.3.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad8	chromecache_98.3.dr, chromecache_101.3.dr	false		high
https://tag.demandbase.com/1be41a80498a5b73.min.js	chromecache_165.3.dr	false		high
https://www.cloudflare.com/learning/access-management/what-is-browser-isolation/	chromecache_131.3.dr, chromecache_97.3.dr	false		high
https://www.google.com/gmp/conversion;	chromecache_120.3.dr, chromecache_132.3.dr	false		high
https://scout.us4.salesloft.com	chromecache_145.3.dr, chromecache_106.3.dr	false		high
https://schema.org/Answer	chromecache_97.3.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264	chromecache_140.3.dr	false		high
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1741855354011&uuid=8599f7ff-b0ec-462	chromecache_165.3.dr	false		high
https://www.cloudflare.com	chromecache_123.3.dr, chromecache_162.3.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/17RhepZZwxiD452Hs0gKFk/5324e2c81dcdef79c74efea2c60	chromecache_131.3.dr, chromecache_97.3.dr	false		high
https://cct.google/taggy/agent.js	chromecache_127.3.dr, chromecache_120.3.dr, chromecache_132.3.dr	false		high
https://www.cloudflare.com/lp/forrester-tei-study-2024/	chromecache_136.3.dr, chromecache_125.3.dr	false		high
https://developers.marketo.com/MunchkinLicense.pdf	chromecache_104.3.dr, chromecache_133.3.dr	false	Avira URL Cloud: safe	unknown
https://stats.g.doubleclick.net/g/collect?v=2&	chromecache_127.3.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/2dlg4oApldWlYGAWdzwN7C/3b0f1908d3e4ca00a193c2fd679	chromecache_136.3.dr, chromecache_125.3.dr	false		high
https://staging.mrk.cfdata.org/mrk/redwood-blade-repository/	chromecache_111.3.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/3aiXyraQa82SPHcEOgsxLq/ace1025cc5204f2ca8885646b8b	chromecache_131.3.dr, chromecache_97.3.dr	false		high
https://assets.adobedtm.com/f597f8065f97/065ba81630d7/launch-efab6d095ce0.js	chromecache_159.3.dr	false		high
https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Fac	chromecache_165.3.dr	false		high
https://github.com/jonsuh/hamburgers	chromecache_140.3.dr	false		high
https://jonsuh.com/hamburgers	chromecache_140.3.dr	false		high
https://support.cloudflare.com/)	chromecache_136.3.dr, chromecache_125.3.dr	false		high
https://googleads.g.doubleclick.net	chromecache_120.3.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
52.18.103.116	unknown	United States	16509	AMAZON-02US	false
18.203.49.17	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
52.55.67.121	partners-1864332697.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
104.16.80.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
18.173.205.94	tag-logger.demandbase.com	United States	3	MIT-GATEWAYSUS	false
2.19.105.89	e7808.dscg.akamaiedge.net	European Union	16625	AKAMAI-ASUS	false
151.101.193.140	reddit.map.fastly.net	United States	54113	FASTLYUS	false
104.198.23.205	prod-default.lb.logrocket.network	United States	15169	GOOGLEUS	false
2.22.242.97	unknown	European Union	20940	AKAMAI-ASN1EU	false
63.140.62.222	unknown	United States	15224	OMNITUREUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
44.194.21.120	unknown	United States	14618	AMAZON-AESUS	false
18.245.46.44	tag.demandbase.com	United States	16509	AMAZON-02US	false
104.16.124.96	www.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
88.221.110.136	a1916.dscg2.akamai.net	European Union	20940	AKAMAI-ASN1EU	false
104.21.70.234	case-id-1000228223704.counselschambers.co.uk	United States	13335	CLOUDFLARENETUS	false
162.159.140.229	t.co	United States	13335	CLOUDFLARENETUS	false
2.22.242.136	a798.dscd.akamai.net	European Union	20940	AKAMAI-ASN1EU	false
34.96.71.22	s.dsp-prod.demandbase.com	United States	15169	GOOGLEUS	false
104.73.230.208	e10776.b.akamaiedge.net	United States	16625	AKAMAI-ASUS	false
63.140.62.17	demdex.net.ssl.sc.omtrdc.net	United States	15224	OMNITUREUS	false
13.107.42.14	l-0005.l-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.16.71.105	scout-cdn.salesloft.com.cdn.cloudflare.net	United States	13335	CLOUDFLARENETUS	false
104.18.16.5	js.qualified.com	United States	13335	CLOUDFLARENETUS	false
104.18.31.78	performance.radar.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
146.75.120.157	platform.twitter.map.fastly.net	Sweden	30051	SCCGOVUS	false
35.244.174.68	id.rlcdn.com	United States	15169	GOOGLEUS	false
18.66.102.75	api.company-target.com	United States	3	MIT-GATEWAYSUS	false
104.18.94.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.21.64.1	cdn.logr-ingest.com	United States	13335	CLOUDFLARENETUS	false
34.252.237.254	cm.everesttech.net.akadns.net	United States	16509	AMAZON-02US	false
69.173.144.138	pixel.rubiconproject.net.akadns.net	United States	26667	RUBICONPROJECTUS	false
52.206.41.94	scout.us1.salesloft.com	United States	14618	AMAZON-AESUS	false
18.173.205.104	unknown	United States	3	MIT-GATEWAYSUS	false
104.18.27.193	dsum-sec.casalemedia.com	United States	13335	CLOUDFLARENETUS	false
142.250.185.132	www.google.com	United States	15169	GOOGLEUS	false
104.18.26.193	unknown	United States	13335	CLOUDFLARENETUS	false
172.67.168.191	unknown	United States	13335	CLOUDFLARENETUS	false
151.101.1.140	unknown	United States	54113	FASTLYUS	false
104.18.17.5	app.qualified.com	United States	13335	CLOUDFLARENETUS	false
2.16.164.8	unknown	European Union	20940	AKAMAI-ASN1EU	false
63.35.2.123	unknown	United States	16509	AMAZON-02US	false
172.66.0.227	s.twitter.com	United States	13335	CLOUDFLARENETUS	false
104.16.123.96	ot.www.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.9
192.168.2.4

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1636955
Start date and time:	2025-03-13 09:40:44 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 42s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://case-id-1000228223704.counselschambers.co.uk/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	20
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal60.phis.win@26/127@157/46
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, RuntimeBroker.exe, ShellExperienceHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.206, 172.217.18.3, 142.250.185.142, 108.177.15.84, 142.250.185.110, 142.250.186.46, 216.58.206.46, 216.58.212.142, 142.250.186.110, 216.58.206.78, 142.250.186.136, 142.250.185.174, 172.217.18.14, 142.250.185.163, 142.250.185.206, 199.232.214.172, 142.250.186.130, 142.250.185.136, 23.199.214.10, 172.202.163.200, 150.171.28.10
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ade.googlesyndication.com, edgedl.me.gvt1.com, redirector.gvt1.com, www.googletagmanager.com, bat.bing.com, update.googleapis.com, clients.l.google.com, www.google-analytics.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtOpenFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://case-id-1000228223704.counselschambers.co.uk/

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65448)
Category:	downloaded
Size (bytes):	141409
Entropy (8bit):	5.2689081924592935
Encrypted:	false
SSDEEP:	1536:vvRhq5eZ7j9fohDQde9yuYvBSyYnDQSTf3W5aUG+rdPAQ9l:vxE9oSfrf3W5Io9l
MD5:	5ECE435F1C64EEB216E3C40C34129DFF
SHA1:	12C84F3876589F43AC5DCFFAE6316420FD4750FC
SHA-256:	FC9585F08E201191E8269F67184DCB5A0DFF1354F6397C38E795E489ABBA4F4F
SHA-512:	215B97A411A051220A48C97A0C1A2A6CDFD73D8CF289C6900B09B5BD47633424FEE5F1AADC8B3E2AEDA384E3B1F31CF550A1C63ED8B84960420BBCF2EC25F329
Malicious:	false
Reputation:	low
URL:	https://www.cloudflare.com/framework-957a522640f43541ca6a.js
Preview:	/! For license information please see framework-957a522640f43541ca6a.js.LICENSE.txt /.(self.webpackChunk_cloudflare_mrkeng_redwood=self.webpackChunk_cloudflare_mrkeng_redwood\|\|[]).push([[593],{2694:function(e,n,t){"use strict";var r=t(6925);function l(){}function a(){}a.resetWarningCache=l,e.exports=function(){function e(e,n,t,l,a,o){if(o!==r){var u=new Error("Calling PropTypes validators directly is not supported by the `prop-types` package. Use PropTypes.checkPropTypes() to call them. Read more at http://fb.me/use-check-prop-types");throw u.name="Invariant Violation",u}}function n(){return e}e.isRequired=e;var t={array:e,bigint:e,bool:e,func:e,number:e,object:e,string:e,symbol:e,any:e,arrayOf:n,element:e,elementType:e,instanceOf:n,node:e,objectOf:n,oneOf:n,oneOfType:n,shape:n,exact:n,checkPropTypes:a,resetWarningCache:l};return t.PropTypes=t,t}},5556:function(e,n,t){e.exports=t(2694)()},6925:function(e){"use strict";e.exports="SECRET_DO_NOT_PASS_THIS_OR_YOU_WILL_BE_FIRED"},22551:fu

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Mar 13, 2025 09:41:48.393939018 CET	53	62714	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:48.407696009 CET	53	64716	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:52.082735062 CET	63069	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:52.083076954 CET	58849	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:52.089406967 CET	53	63069	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:52.090241909 CET	53	58849	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:52.121397018 CET	53	53317	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:52.358068943 CET	53	49320	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:54.165744066 CET	54557	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:54.166147947 CET	53640	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:54.174915075 CET	53	54557	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:54.177412987 CET	53	53640	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:58.078564882 CET	57429	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:58.078876019 CET	52124	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:58.085124969 CET	53	57429	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:58.085453987 CET	53	52124	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:58.942734003 CET	63254	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:58.942989111 CET	57206	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:41:58.952707052 CET	53	63254	1.1.1.1	192.168.2.4
Mar 13, 2025 09:41:58.954724073 CET	53	57206	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:09.369412899 CET	53	49695	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:12.126197100 CET	61351	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:12.126333952 CET	59684	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:12.132793903 CET	53	61351	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:12.133305073 CET	53	59684	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:15.497879028 CET	53311	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:15.498051882 CET	52377	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:15.504933119 CET	53	53311	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:15.505145073 CET	53	52377	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:15.580209970 CET	49307	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:15.580341101 CET	61352	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:15.588922977 CET	53	61352	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:15.588939905 CET	53	49307	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:16.188494921 CET	55762	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:16.188651085 CET	55844	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:16.195215940 CET	53	55762	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:16.195956945 CET	53	55844	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:17.888148069 CET	58554	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:17.888354063 CET	62033	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:17.888816118 CET	50359	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:17.889080048 CET	60574	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:17.889452934 CET	62980	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:17.889807940 CET	52382	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:17.895195961 CET	53	58554	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:17.895288944 CET	53	62033	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:17.895544052 CET	53	60574	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:17.895719051 CET	53	50359	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:17.898101091 CET	53	62980	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:17.899835110 CET	53	52382	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:22.497533083 CET	54055	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:22.497983932 CET	54356	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:22.506027937 CET	53	54055	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:22.509011984 CET	53	54356	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:28.499244928 CET	53	62077	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:29.441205978 CET	53882	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:29.441385984 CET	60025	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:29.447911024 CET	53	60025	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:29.448365927 CET	53	53882	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:29.459563017 CET	53	64776	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:29.480900049 CET	64753	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:29.481137037 CET	62354	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:29.489125013 CET	53	64753	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:29.490653992 CET	53	62354	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:30.461250067 CET	65440	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:30.461421967 CET	56764	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:30.469404936 CET	53	65440	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:30.471477985 CET	53	56764	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:33.316415071 CET	52438	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:33.316572905 CET	65449	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:33.323291063 CET	53	65449	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:33.323303938 CET	53	52438	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:33.521760941 CET	53	63222	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:34.307936907 CET	56856	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:34.308111906 CET	56857	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:34.308821917 CET	61677	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:34.309003115 CET	61965	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:34.315274954 CET	53	56856	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:34.315341949 CET	53	61677	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:34.316292048 CET	53	61965	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:34.357645988 CET	53	56857	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:34.625720024 CET	61901	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:34.626013041 CET	64463	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:34.632766962 CET	53	64463	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:34.632891893 CET	53	61901	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:36.922939062 CET	63417	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:36.923162937 CET	55498	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:36.929433107 CET	53	63417	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:36.930948973 CET	53	55498	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:36.951013088 CET	54365	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:36.951219082 CET	57478	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:36.959049940 CET	53	54365	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:36.964349985 CET	55027	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:36.964512110 CET	63183	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:36.971016884 CET	53	63183	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:36.971122026 CET	53	55027	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:36.984680891 CET	53	57478	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:37.899691105 CET	62356	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:37.899840117 CET	50905	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:37.906922102 CET	53	62356	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:37.906945944 CET	53	50905	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:39.614842892 CET	61484	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:39.614988089 CET	59260	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:39.622081041 CET	53	61484	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:39.623398066 CET	53	59260	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:39.632718086 CET	51189	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:39.632858038 CET	62744	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:39.640469074 CET	53	62744	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:39.640819073 CET	53	51189	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:39.642018080 CET	51478	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:39.642195940 CET	57603	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:39.650548935 CET	53	51478	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:39.650815010 CET	53	57603	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:41.546379089 CET	62233	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:41.546710014 CET	60485	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:41.553316116 CET	53	60485	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:41.553333044 CET	53	62233	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.855766058 CET	53246	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.855766058 CET	57780	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.856324911 CET	54483	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.856487989 CET	60308	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.856972933 CET	56843	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.856972933 CET	55344	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.858073950 CET	54514	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.858073950 CET	52704	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.858629942 CET	64505	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.858839035 CET	57451	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:42.863147974 CET	53	57780	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.864012957 CET	53	60308	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.864053965 CET	53	54483	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.864247084 CET	53	56843	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.864587069 CET	53	55344	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.864612103 CET	53	54514	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.866292000 CET	53	52704	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.882016897 CET	53	53246	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:42.883205891 CET	53	64505	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:43.103238106 CET	53	57451	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:45.393795967 CET	65194	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:45.394056082 CET	52470	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:45.394540071 CET	64574	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:45.394540071 CET	60431	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:45.403095961 CET	53	65194	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:45.403806925 CET	53	60431	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:45.442878962 CET	53	52470	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:45.443718910 CET	53	64574	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.694123983 CET	62050	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.694338083 CET	57972	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.701160908 CET	53	62050	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.703460932 CET	53	57972	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.795968056 CET	53	56507	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.857986927 CET	58403	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.858479977 CET	54916	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.859450102 CET	55044	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.859719038 CET	64488	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.862216949 CET	62747	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.862831116 CET	50170	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.865291119 CET	53	58403	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.866216898 CET	53	55044	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.866941929 CET	53	64488	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.869198084 CET	53	54916	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.869843006 CET	53	62747	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.870254040 CET	53	50170	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.915800095 CET	53901	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.918715000 CET	54497	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.920171976 CET	55019	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.920722008 CET	55698	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:47.923434019 CET	53	53901	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.926575899 CET	53	54497	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.927342892 CET	53	55019	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:47.951066017 CET	53	55698	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:50.223306894 CET	138	138	192.168.2.4	192.168.2.255
Mar 13, 2025 09:42:50.618942976 CET	51524	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:50.619393110 CET	62942	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:50.622364998 CET	54955	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:50.622576952 CET	57103	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:50.627099037 CET	53	62942	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:50.631417990 CET	53	54955	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:50.642482996 CET	53	57103	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:50.644937038 CET	53	51524	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:50.657706976 CET	64668	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:50.657927036 CET	64679	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:50.664546967 CET	53	64668	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:50.664794922 CET	53	64679	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:50.823777914 CET	53	61254	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.488009930 CET	59631	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.488506079 CET	61240	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.490876913 CET	53798	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.491043091 CET	58965	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.498049021 CET	53	61240	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.498064995 CET	53	59631	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.498519897 CET	53	53798	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.498832941 CET	53	58965	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.746289015 CET	61685	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.746707916 CET	54224	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.752578974 CET	64520	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.752876997 CET	65156	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:52.753607988 CET	53	61685	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.754259109 CET	53	54224	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.759479046 CET	53	65156	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.759634018 CET	53	64520	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:52.808124065 CET	53	63480	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:53.556659937 CET	61909	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:53.556828976 CET	60354	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:53.563087940 CET	53	61909	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:53.574933052 CET	53	60354	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:54.043355942 CET	59470	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:54.043718100 CET	55960	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:54.050632954 CET	53	59470	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:54.050681114 CET	53	55960	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:55.084287882 CET	53	59596	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:55.626064062 CET	61364	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:55.626602888 CET	58390	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:55.633028984 CET	53	58390	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:55.633505106 CET	53	61364	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:56.852890968 CET	53778	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:56.853307009 CET	62928	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:56.859559059 CET	53	53778	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:56.860172033 CET	53	62928	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:57.690985918 CET	55337	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.691153049 CET	60028	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.698586941 CET	53	60028	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:57.700535059 CET	53	55337	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:57.878418922 CET	49374	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.878568888 CET	60773	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.878815889 CET	49412	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.878931046 CET	56686	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.897490978 CET	54463	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.897804976 CET	54119	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.930279970 CET	58458	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.930943012 CET	53663	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.931129932 CET	52693	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.931262970 CET	63767	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.946060896 CET	52305	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:57.946336985 CET	51371	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.024525881 CET	51487	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.024928093 CET	57125	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.040326118 CET	56086	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.087944984 CET	54736	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.088449955 CET	56847	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.089102030 CET	58413	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.089262009 CET	51846	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.133344889 CET	61042	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.133512974 CET	59809	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.133670092 CET	50052	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.133794069 CET	57381	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.229628086 CET	52441	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.230709076 CET	62414	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.503165960 CET	56628	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.503611088 CET	60145	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.559684992 CET	54156	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.559962988 CET	62915	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.654687881 CET	59010	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:58.918289900 CET	53	49374	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.918308973 CET	53	60773	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.918319941 CET	53	49412	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.918330908 CET	53	56686	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.921590090 CET	53	52693	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.921921968 CET	53	63767	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.921932936 CET	53	54736	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.921942949 CET	53	58413	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.921952963 CET	53	58458	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.921964884 CET	53	57125	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.922314882 CET	53	52305	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.922323942 CET	53	51487	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.922403097 CET	53	51371	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.922430038 CET	53	56086	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.922456980 CET	53	51846	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.922552109 CET	53	53663	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.922832966 CET	53	54156	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923002005 CET	53	60145	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923012018 CET	53	56628	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923022032 CET	53	54463	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923031092 CET	53	62414	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923162937 CET	53	56847	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923257113 CET	53	59010	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923278093 CET	53	57381	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923288107 CET	53	50052	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923320055 CET	53	62915	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.923748970 CET	53	61042	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.924005032 CET	53	59809	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.924117088 CET	53	52441	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:58.949006081 CET	53	54119	1.1.1.1	192.168.2.4
Mar 13, 2025 09:42:59.661461115 CET	59010	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:42:59.668174982 CET	53	59010	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:00.674237013 CET	59010	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:00.680973053 CET	53	59010	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:01.390218973 CET	53665	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:01.390368938 CET	59580	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:01.397507906 CET	53	59580	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:01.414195061 CET	53	53665	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:02.144193888 CET	57441	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:02.144539118 CET	64483	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:02.150657892 CET	53	57441	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:02.151113033 CET	53	64483	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:02.674772978 CET	59010	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:02.681997061 CET	53	59010	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:02.817159891 CET	62684	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:02.817368984 CET	61493	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:02.824557066 CET	53	61493	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:02.825490952 CET	53	62684	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:03.323528051 CET	54897	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:03.323822975 CET	63412	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:03.330718040 CET	53	54897	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:03.331480980 CET	53	63412	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:06.690895081 CET	59010	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:06.697515965 CET	53	59010	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:10.719846964 CET	54153	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:10.720029116 CET	55299	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:10.726654053 CET	53	54153	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:10.727516890 CET	53	55299	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:10.728511095 CET	53	62679	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:10.745995045 CET	54061	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:10.746315956 CET	56016	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:10.753417969 CET	53	54061	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:10.753912926 CET	53	56016	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:10.772871017 CET	61427	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:10.780062914 CET	53	61427	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:10.864396095 CET	61812	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:10.870985985 CET	53	61812	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:11.324569941 CET	50916	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:11.324743986 CET	53553	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:11.332581043 CET	53	53553	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:11.334132910 CET	53	50916	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:11.850730896 CET	61812	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:11.858078003 CET	53	61812	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:12.850740910 CET	61812	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:12.857671976 CET	53	61812	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:14.295959949 CET	53	64201	1.1.1.1	192.168.2.4
Mar 13, 2025 09:43:14.866355896 CET	61812	53	192.168.2.4	1.1.1.1
Mar 13, 2025 09:43:14.873358965 CET	53	61812	1.1.1.1	192.168.2.4

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Mar 13, 2025 09:42:34.357728958 CET	192.168.2.4	1.1.1.1	c26f	(Port unreachable)	Destination Unreachable
Mar 13, 2025 09:42:36.984747887 CET	192.168.2.4	1.1.1.1	c2b5	(Port unreachable)	Destination Unreachable
Mar 13, 2025 09:42:43.103358030 CET	192.168.2.4	1.1.1.1	c274	(Port unreachable)	Destination Unreachable
Mar 13, 2025 09:42:45.444065094 CET	192.168.2.4	1.1.1.1	c26c	(Port unreachable)	Destination Unreachable
Mar 13, 2025 09:42:47.951221943 CET	192.168.2.4	1.1.1.1	c268	(Port unreachable)	Destination Unreachable
Mar 13, 2025 09:42:58.918394089 CET	192.168.2.4	1.1.1.1	c20b	(Port unreachable)	Destination Unreachable

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	downloaded
Size (bytes):	1135
Entropy (8bit):	5.195218939009382
Encrypted:	false
SSDEEP:	24:YgGXhXo4YAGKooB80ar1qhqo4YAGADwB0arE:YcKoaarUcarE
MD5:	EBEEA0414FED32193900E84E33F2BE1B
SHA1:	8EFBADFF74F2B75D7BC755254E2369B27DBE8F32
SHA-256:	911BA3DE8DCDA879031896EFB4FF7EAF448FF44FC448F6AFB1281B606BD5B323
SHA-512:	16F367EA2F09F67390F1083398F7D3B4AA5369259EC25819A0A93DDAA33334563B939315503B429996662E402CBBB6AA8A376DD7F4BC595D96938A2AACBB72FB
Malicious:	false
Reputation:	low
URL:	https://www.cloudflare.com/page-data/sq/d/3934964512.json
Preview:	{"data":{"gray":{"id":"67775c6d-87bd-5a24-a947-3518902c5081","altText":"Google Cloud Platform - GCP Gray Logo","title":"Google Cloud Platform - GCP Gray Logo","activeAsset":"Contentful Asset","locale":"en-US","contentfulAsset":{"file":{"publicURL":"https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab93d8d/button_bandwidth-calculator_google-cloud.svg"},"description":"Google Cloud Platform - GCP Gray Logo used as a button image on egress savings calculator"},"brandfolderAsset":null,"brandfolderAssetMobile":null},"orange":{"id":"e7dd6567-30d1-5534-921f-aa6f0713df49","altText":"Google Cloud Platform - GCP Orange Logo","title":"Google Cloud Platform - GCP Orange Logo","activeAsset":"Contentful Asset","locale":"en-US","contentfulAsset":{"file":{"publicURL":"https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad815fa9/button_bandwidth-calculator_orange-google-cloud.svg"},"description":"Google Cloud Pl

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://case-id-1000228223704.counselschambers.co.uk/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Windows Analysis Report
https://case-id-1000228223704.counselschambers.co.uk/