Edit tour

Windows Analysis Report
http://telemgram-rv.org/

Overview

General Information

Sample URL:	http://telemgram-rv.org/
Analysis ID:	1591406
Infos:

Detection

HTMLPhisher

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Yara detected BlockedWebSite

AI detected suspicious URL

Detected non-DNS traffic on DNS port

Stores files to the Windows start menu directory

Suricata IDS alerts with low severity for network traffic

Classification

Process Tree

System is w10x64

chrome.exe (PID: 3240 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 6856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2012,i,3801474200455821677,17563955628542786674,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 2940 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://telemgram-rv.org/" MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Yara Signatures

Dropped Files

Source	Rule	Description	Author	Strings
dropped/chromecache_304	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security
dropped/chromecache_215	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security

HTML

Source	Rule	Description	Author	Strings
1.0.pages.csv	JoeSecurity_BlockedWebSite	Yara detected BlockedWebSite	Joe Security

Suricata Signatures

ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-01-15T00:17:52.502972+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.11	52093	162.159.140.229	443	TCP
2025-01-15T00:17:52.552376+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.11	52096	104.244.42.3	443	TCP
2025-01-15T00:17:53.632241+0100	2022112	1	Exploit Kit Activity Detected	192.168.2.11	52130	104.18.26.193	443	TCP

HTTP traffic detected: POST /report/v4?s=lOHtGUqBFDKf8fWIZOaVjDZ0tzOi2B9aTOAl%2FrPEggtEkUi2f3Vc2%2FNGhk2JEJdMyIiJJ5Pa7VfSk3lUj4Z49K7zNrZxpNrpwy0pg6owpXWKO4BgJr8ji%2B7wmbuEm9nGbRxl HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 388Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 14 Jan 2025 23:17:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Frame-Options: SAMEORIGINReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOHtGUqBFDKf8fWIZOaVjDZ0tzOi2B9aTOAl%2FrPEggtEkUi2f3Vc2%2FNGhk2JEJdMyIiJJ5Pa7VfSk3lUj4Z49K7zNrZxpNrpwy0pg6owpXWKO4BgJr8ji%2B7wmbuEm9nGbRxl"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 902156fb7c57aac5-YYZ
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 14 Jan 2025 23:17:33 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Frame-Options: SAMEORIGINReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FpaJx62l6D2GGHJvvjI7Khfywao7EEWsHNE8iwSxPKZWN3qOwN%2Fpu%2B2wmOB7al2pP%2FHRvP79AgyYXKZfY9pgp3dKJFmgNsQ8BjfipcWDjZMRQyhCUCKiere47A%2FM9tL7FSP"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 90215711efe5a2d0-YUL
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Tue, 14 Jan 2025 23:17:49 GMTContent-Type: application/json; charset=UTF-8Content-Length: 24Connection: closeAccess-Control-Allow-Origin: https://www.cloudflare.comAccess-Control-Allow-Credentials: trueAccess-Control-Allow-Headers: Content-Type,AcceptAccess-Control-Allow-Methods: GET,POST,OPTIONSX-Robots-Tag: noindexReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKo709iALXQLIJLmHJRCS%2BmWqs2hZXRLXqMIS5FIWjYwdbwM5iUpa4vjfVMC%2F87%2FM2FMfInmXIto71AoMBlovmEgOYrj1c3OqxZ7gWkgl%2F78bFMuO0HsWxBsSoCYSlNOIWltKyJG884%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 9021577909e64234-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 47cd7f05-23e8-47a0-84a0-e75a8cee1e48vary: Origindate: Tue, 14 Jan 2025 23:17:53 GMTx-konductor: 25.1.0-HOTFIXTIMECONSENT:bb9729eacx-adobe-edge: IRL1;6server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundx-request-id: 4c6fcddc-f5ca-4de5-8cd7-3b1834180a3bvary: Origindate: Tue, 14 Jan 2025 23:17:54 GMTx-konductor: 25.1.0-HOTFIXTIMECONSENT:bb9729eacx-adobe-edge: IRL1;6server: jagcontent-length: 0strict-transport-security: max-age=31536000; includeSubDomainscache-control: no-cache, no-store, max-age=0, no-transform, privatex-xss-protection: 1; mode=blockx-content-type-options: nosniffconnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 14 Jan 2025 23:18:06 GMTContent-Type: text/plain;charset=UTF-8Content-Length: 13Connection: closeAccess-Control-Allow-Origin: access-control-allow-headers: access-control-allow-methods: timing-allow-origin: Strict-Transport-Security: max-age=15552000; includeSubDomainsX-Content-Type-Options: nosniffServer: cloudflareCF-RAY: 902157dfcade0fab-EWRalt-svc: h3=":443"; ma=86400

Source: chromecache_310.2.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_243.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_310.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_196.2.dr	String found in binary or memory: https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1736896669698&uuid=759d4eff-dbc3-45c
Source: chromecache_218.2.dr, chromecache_306.2.dr	String found in binary or memory: https://api.www.cloudflare.com/api/v1
Source: chromecache_171.2.dr, chromecache_245.2.dr	String found in binary or memory: https://app.qualified.com
Source: chromecache_205.2.dr, chromecache_257.2.dr	String found in binary or memory: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.js
Source: chromecache_187.2.dr, chromecache_253.2.dr	String found in binary or memory: https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_Acti
Source: chromecache_260.2.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/8472fc7436be/RC1fcad5185a1b4a039b5df05c7d2b704
Source: chromecache_282.2.dr, chromecache_251.2.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/8472fc7436be/RC392ad6d4bbf94c7283b4eda6cbf689a
Source: chromecache_228.2.dr, chromecache_296.2.dr	String found in binary or memory: https://assets.adobedtm.com/f597f8065f97/065ba81630d7/launch-efab6d095ce0.js
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://blog.cloudflare.com/cloudflare-waap-named-leader-gartner-magic-quadrant-2022/
Source: chromecache_243.2.dr, chromecache_313.2.dr, chromecache_290.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/17RhepZZwxiD452Hs0gKFk/5324e2c81dcdef79c74efea2c60
Source: chromecache_247.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/2fMg89go9MegG1EDg39mNy/5a42817cd388ae352f77f56e53b
Source: chromecache_165.2.dr, chromecache_168.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad8
Source: chromecache_165.2.dr, chromecache_168.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab
Source: chromecache_247.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264
Source: chromecache_166.2.dr, chromecache_299.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/6i8d186tH2iueYvgwVRaJf/ab27fd31033bdd31aea69065480
Source: chromecache_166.2.dr, chromecache_299.2.dr	String found in binary or memory: https://cf-assets.www.cloudflare.com/slt3lc6tev37/mJZqOomHta2MLLB73P8Hs/9378861761815b3adf7bcb7734d6
Source: chromecache_281.2.dr, chromecache_170.2.dr, chromecache_234.2.dr, chromecache_235.2.dr	String found in binary or memory: https://developers.marketo.com/MunchkinLicense.pdf
Source: chromecache_203.2.dr	String found in binary or memory: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=18&expiry=1752535072&external_user_id=6c3d5ec
Source: chromecache_247.2.dr	String found in binary or memory: https://github.com/jonsuh/hamburgers
Source: chromecache_176.2.dr, chromecache_292.2.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_213.2.dr	String found in binary or memory: https://google.com
Source: chromecache_213.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_247.2.dr	String found in binary or memory: https://jonsuh.com/hamburgers
Source: chromecache_171.2.dr, chromecache_245.2.dr	String found in binary or memory: https://js.qualified.com
Source: chromecache_310.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_243.2.dr, chromecache_313.2.dr, chromecache_290.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_203.2.dr	String found in binary or memory: https://partners.tremorhub.com/sync?UIDM=6c3d5ec4-4f44-4751-8aa7-96a8643419ee
Source: chromecache_203.2.dr	String found in binary or memory: https://pixel.rubiconproject.com/tap.php?nid=5578&put=6c3d5ec4-4f44-4751-8aa7-96a8643419ee&v
Source: chromecache_196.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Fac
Source: chromecache_196.2.dr, chromecache_238.2.dr	String found in binary or memory: https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif
Source: chromecache_171.2.dr, chromecache_245.2.dr	String found in binary or memory: https://schedule.qualified.com
Source: chromecache_232.2.dr, chromecache_247.2.dr	String found in binary or memory: https://schema.org/Answer
Source: chromecache_247.2.dr	String found in binary or memory: https://schema.org/FAQPage
Source: chromecache_232.2.dr, chromecache_247.2.dr	String found in binary or memory: https://schema.org/Question
Source: chromecache_196.2.dr, chromecache_238.2.dr	String found in binary or memory: https://scout-cdn.salesloft.com/sl.js
Source: chromecache_177.2.dr, chromecache_256.2.dr	String found in binary or memory: https://scout.us4.salesloft.com
Source: chromecache_196.2.dr, chromecache_238.2.dr	String found in binary or memory: https://snap.licdn.com/li.lms-analytics/insight.min.js
Source: chromecache_175.2.dr, chromecache_192.2.dr	String found in binary or memory: https://staging.mrk.cfdata.org/mrk/redwood-blade-repository/
Source: chromecache_196.2.dr	String found in binary or memory: https://static.ads-twitter.com/uwt.js
Source: chromecache_313.2.dr, chromecache_290.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_196.2.dr	String found in binary or memory: https://tag.demandbase.com/1be41a80498a5b73.min.js
Source: chromecache_243.2.dr, chromecache_313.2.dr, chromecache_290.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_218.2.dr, chromecache_306.2.dr	String found in binary or memory: https://www.cloudflare.com
Source: chromecache_304.2.dr, chromecache_215.2.dr	String found in binary or memory: https://www.cloudflare.com/5xx-error-landing
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/application-services/solutions/
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/application-services/solutions/app-performance-monitoring/
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/how-to-implement-zero-trust/
Source: chromecache_304.2.dr, chromecache_215.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/access-management/phishing-attack/
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/security/glossary/what-is-zero-trust/
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/learning/security/what-is-data-exfiltration/
Source: chromecache_171.2.dr, chromecache_245.2.dr	String found in binary or memory: https://www.cloudflare.com/lp/multi-channel-phishing-demo?utm_medium=banner
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/network-services/solutions/enterprise-network-security/
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/network-services/solutions/network-monitoring-tools/
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/products/zero-trust/threat-defense/
Source: chromecache_259.2.dr, chromecache_204.2.dr	String found in binary or memory: https://www.cloudflare.com/saas/)
Source: chromecache_248.2.dr	String found in binary or memory: https://www.cloudflare.com/static/z/s.js?z=
Source: chromecache_238.2.dr	String found in binary or memory: https://www.cloudflare.com/static/z/t
Source: chromecache_161.2.dr, chromecache_232.2.dr	String found in binary or memory: https://www.cloudflare.com/zero-trust/
Source: chromecache_310.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_243.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: https://www.google.com/gmp/conversion/?
Source: chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_310.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_313.2.dr, chromecache_290.2.dr, chromecache_289.2.dr, chromecache_213.2.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_243.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_313.2.dr, chromecache_290.2.dr, chromecache_289.2.dr, chromecache_213.2.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_313.2.dr, chromecache_290.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51943
Source: unknown	Network traffic detected: HTTP traffic on port 52290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51940
Source: unknown	Network traffic detected: HTTP traffic on port 51914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 52335 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51955
Source: unknown	Network traffic detected: HTTP traffic on port 52186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51954
Source: unknown	Network traffic detected: HTTP traffic on port 52002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51958
Source: unknown	Network traffic detected: HTTP traffic on port 52048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52323 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51952
Source: unknown	Network traffic detected: HTTP traffic on port 51995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51964
Source: unknown	Network traffic detected: HTTP traffic on port 52141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51969
Source: unknown	Network traffic detected: HTTP traffic on port 51973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51963
Source: unknown	Network traffic detected: HTTP traffic on port 52231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52174 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51976
Source: unknown	Network traffic detected: HTTP traffic on port 52300 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51970
Source: unknown	Network traffic detected: HTTP traffic on port 52025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51974
Source: unknown	Network traffic detected: HTTP traffic on port 52152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52336 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52176 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 52027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51915
Source: unknown	Network traffic detected: HTTP traffic on port 52115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51914
Source: unknown	Network traffic detected: HTTP traffic on port 51936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52199 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52334 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51925
Source: unknown	Network traffic detected: HTTP traffic on port 51958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52324 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51929
Source: unknown	Network traffic detected: HTTP traffic on port 51963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 52094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51936
Source: unknown	Network traffic detected: HTTP traffic on port 52060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51930
Source: unknown	Network traffic detected: HTTP traffic on port 52198 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51939
Source: unknown	Network traffic detected: HTTP traffic on port 52137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52326 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52298 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52338 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52305
Source: unknown	Network traffic detected: HTTP traffic on port 51976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52306
Source: unknown	Network traffic detected: HTTP traffic on port 52138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52309
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52300
Source: unknown	Network traffic detected: HTTP traffic on port 52194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52325 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51987
Source: unknown	Network traffic detected: HTTP traffic on port 52001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51983
Source: unknown	Network traffic detected: HTTP traffic on port 52316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52222 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51993
Source: unknown	Network traffic detected: HTTP traffic on port 52327 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52337 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52234
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52231
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52111
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52236
Source: unknown	Network traffic detected: HTTP traffic on port 51990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52129
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52009
Source: unknown	Network traffic detected: HTTP traffic on port 52111 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52295 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52002
Source: unknown	Network traffic detected: HTTP traffic on port 52192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52214 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52245
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52000
Source: unknown	Network traffic detected: HTTP traffic on port 52157 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52248
Source: unknown	Network traffic detected: HTTP traffic on port 52306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52125
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52247
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52130
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52131
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52252
Source: unknown	Network traffic detected: HTTP traffic on port 51989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52317 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52328 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52019
Source: unknown	Network traffic detected: HTTP traffic on port 52305 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52330 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52135 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52135
Source: unknown	Network traffic detected: HTTP traffic on port 52215 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52253
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52138
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52139
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52015
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52136
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52137
Source: unknown	Network traffic detected: HTTP traffic on port 52090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52263
Source: unknown	Network traffic detected: HTTP traffic on port 52180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52145
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52149
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52029
Source: unknown	Network traffic detected: HTTP traffic on port 52067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52147
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52270
Source: unknown	Network traffic detected: HTTP traffic on port 52019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52152
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52150
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52271
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52030
Source: unknown	Network traffic detected: HTTP traffic on port 52110 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52318
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52319
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52317
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52310
Source: unknown	Network traffic detected: HTTP traffic on port 52009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52315
Source: unknown	Network traffic detected: HTTP traffic on port 52213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52339 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52329
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52206
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52327
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52328
Source: unknown	Network traffic detected: HTTP traffic on port 52109 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52321
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52322
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52320
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52325
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52326
Source: unknown	Network traffic detected: HTTP traffic on port 51953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52323
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52324
Source: unknown	Network traffic detected: HTTP traffic on port 51991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52338
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52339
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52332
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52333
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52330
Source: unknown	Network traffic detected: HTTP traffic on port 52193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52331
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52215
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52336
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52337
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52213
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52334
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52214
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52335
Source: unknown	Network traffic detected: HTTP traffic on port 52125 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52318 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52109
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52108
Source: unknown	Network traffic detected: HTTP traffic on port 52159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52222
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52221
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52224
Source: unknown	Network traffic detected: HTTP traffic on port 52329 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52225
Source: unknown	Network traffic detected: HTTP traffic on port 52202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52198
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52199
Source: unknown	Network traffic detected: HTTP traffic on port 52252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52094
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52097
Source: unknown	Network traffic detected: HTTP traffic on port 52154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52096
Source: unknown	Network traffic detected: HTTP traffic on port 52263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52090
Source: unknown	Network traffic detected: HTTP traffic on port 52177 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52320 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52333 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52293 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52064 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52166 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52319 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 52294 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52035
Source: unknown	Network traffic detected: HTTP traffic on port 52179 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52322 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52157
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52154
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52038
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52160
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52163
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52284
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52162
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52283
Source: unknown	Network traffic detected: HTTP traffic on port 52096 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52331 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52288
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52289
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52165
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52166
Source: unknown	Network traffic detected: HTTP traffic on port 51915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52048
Source: unknown	Network traffic detected: HTTP traffic on port 52041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52290
Source: unknown	Network traffic detected: HTTP traffic on port 52122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52174
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52295
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52293
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52294
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52178
Source: unknown	Network traffic detected: HTTP traffic on port 52309 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52179
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52176
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52177
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52298
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52181
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52180
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52183
Source: unknown	Network traffic detected: HTTP traffic on port 52283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52184
Source: unknown	Network traffic detected: HTTP traffic on port 52310 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52205 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52068
Source: unknown	Network traffic detected: HTTP traffic on port 52321 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52067
Source: unknown	Network traffic detected: HTTP traffic on port 51938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52192
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52193
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52197
Source: unknown	Network traffic detected: HTTP traffic on port 52145 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52194
Source: unknown	Network traffic detected: HTTP traffic on port 51983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52332 -> 443

Source: classification engine

Classification label: mal68.phis.win@22/241@226/61

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2012,i,3801474200455821677,17563955628542786674,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://telemgram-rv.org/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2012,i,3801474200455821677,17563955628542786674,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	1 Drive-by Compromise	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
http://telemgram-rv.org/	100%	Avira URL Cloud	phishing

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://scout.us4.salesloft.com	0%	Avira URL Cloud	safe
https://d37vlkgj6jn9t1.cloudfront.net/?test=2820656aa63ed5463d0abe7e0520dcbfeabdb8f499c7b5228388cc64e2036749&img=1&r=80949527	0%	Avira URL Cloud	safe
https://telemgram-rv.org/cdn-cgi/images/icon-exclamation.png?1376755637	100%	Avira URL Cloud	phishing
https://telemgram-rv.org/favicon.ico	100%	Avira URL Cloud	phishing

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
jsdelivr.map.fastly.net	151.101.1.229	true	false	high
benchmark.1e100cdn.net	35.190.26.57	true	false	high
prod-default.lb.logrocket.network	104.198.23.205	true	false	high
static.cloudflareinsights.com	104.16.79.73	true	false	high
benchmarks.cdn.compute-pipe.com	104.18.30.19	true	false	high
s.dsp-prod.demandbase.com	34.96.71.22	true	false	high
scout.us1.salesloft.com	35.153.197.139	true	false	high
d37vlkgj6jn9t1.cloudfront.net	3.161.75.24	true	false	unknown
platform.twitter.map.fastly.net	146.75.120.157	true	false	high
stats.g.doubleclick.net	66.102.1.157	true	false	high
ot.www.cloudflare.com	104.16.123.96	true	false	high
jsdelivr.b-cdn.net	169.150.247.37	true	false	high
tag.demandbase.com	18.245.46.89	true	false	high
t.co	162.159.140.229	true	false	high
performance.radar.cloudflare.com	104.18.31.78	true	false	high
serverless-benchmarks-js.compute-pipe.com	104.18.0.248	true	false	high
www.google.com	142.250.186.132	true	false	high
demdex.net.ssl.sc.omtrdc.net	63.140.62.27	true	false	high
serverless-benchmarks-rust.compute-pipe.com	104.18.0.248	true	false	high
api.www.cloudflare.com	104.16.123.96	true	false	high
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	54.229.91.192	true	false	high
partners-1864332697.us-east-1.elb.amazonaws.com	52.23.60.190	true	false	high
d1inq1x5xtur5k.cloudfront.net	13.32.121.78	true	false	unknown
cf-assets.www.cloudflare.com	104.16.123.96	true	false	high
id.rlcdn.com	35.244.174.68	true	false	high
ecp.map.fastly.net	151.101.1.51	true	false	high
tag-logger.demandbase.com	18.173.205.117	true	false	high
telemgram-rv.org	172.67.216.218	true	true	unknown
a.nel.cloudflare.com	35.190.80.1	true	false	high
s.twitter.com	104.244.42.3	true	false	high
js.qualified.com	104.18.16.5	true	false	high
ws6.qualified.com	104.18.16.5	true	false	high
prod.cedexis-ssl.map.fastly.net	151.101.2.6	true	false	high
ax-0001.ax-msedge.net	150.171.28.10	true	false	high
di.rlcdn.com	35.244.174.68	true	false	high
p36.cedexis-test.com.wsoversea.com	163.171.132.42	true	false	high
www.cloudflare.com	104.16.124.96	true	false	high
cdn.logr-ingest.com	104.21.80.1	true	false	high
reddit.map.fastly.net	151.101.1.140	true	false	high
dsum-sec.casalemedia.com	104.18.26.193	true	false	high
ptcfc.com	162.159.140.203	true	false	high
challenges.cloudflare.com	104.18.94.41	true	false	high
adobedc.net.ssl.sc.omtrdc.net	63.140.62.27	true	false	high
cs481.wpc.edgecastcdn.net	152.195.34.116	true	false	high
api.company-target.com	18.66.102.85	true	false	high
713-xsc-918.mktoresp.com	192.28.144.124	true	false	high
app.qualified.com	104.18.16.5	true	false	high
alb.reddit.com	unknown	unknown	false	high
static.ads-twitter.com	unknown	unknown	false	high
scout.salesloft.com	unknown	unknown	false	high
scout-cdn.salesloft.com	unknown	unknown	false	high
p36.cedexis-test.com	unknown	unknown	false	high
cm.everesttech.net	unknown	unknown	false	high
testingcf.jsdelivr.net	unknown	unknown	false	high
adobedc.demdex.net	unknown	unknown	false	high
p16999.cedexis-test.com	unknown	unknown	false	high
s.company-target.com	unknown	unknown	false	high
assets.adobedtm.com	unknown	unknown	false	high
pixel.rubiconproject.com	unknown	unknown	false	high
px.ads.linkedin.com	unknown	unknown	false	high
munchkin.marketo.net	unknown	unknown	false	high
r.logr-ingest.com	unknown	unknown	false	high
fastly.jsdelivr.net	unknown	unknown	false	high
partners.tremorhub.com	unknown	unknown	false	high
p29.cedexis-test.com	unknown	unknown	false	high
exactly-huge-arachnid.edgecompute.app	unknown	unknown	false	high
w3-reporting-nel.reddit.com	unknown	unknown	false	high
cdn.bizibly.com	unknown	unknown	false	high
cloudflareinc.demdex.net	unknown	unknown	false	high
cdn.bizible.com	unknown	unknown	false	high
dpm.demdex.net	unknown	unknown	false	high
uniquely-peaceful-hagfish.edgecompute.app	unknown	unknown	false	high
www.linkedin.com	unknown	unknown	false	high
analytics.twitter.com	unknown	unknown	false	high
snap.licdn.com	unknown	unknown	false	high
fastly.cedexis-test.com	unknown	unknown	false	high
edge.adobedc.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.cloudflare.com/learning/access-management/phishing-attack/	false		high
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	false		high
https://www.cloudflare.com/page-data/learning/access-management/what-is-identity-and-access-management/page-data.json	false		high
https://p29.cedexis-test.com/img/r20-100KB.png?r=37960703	false		high
https://id.rlcdn.com/464526.gif	false		high
https://www.cloudflare.com/component---src-components-page-page-template-tsx-c7ec2b92ba43b220ad2d.js	false		high
https://cloudflareinc.demdex.net/dest5.html?d_nsid=0	false		high
https://app.qualified.com/w/1/37pXYrro6wCZbsU7/events/trace	false		high
https://ot.www.cloudflare.com/public/vendor/onetrust/scripttemplates/202407.2.0/otBannerSdk.js	false		high
https://benchmarks.cdn.compute-pipe.com/r20-100KB.png?r=6350829	false		high
https://w3-reporting-nel.reddit.com/reports	false		high
https://www.cloudflare.com/static/z/i.js	false		high
https://exactly-huge-arachnid.edgecompute.app/?test=2820656aa63ed5463d0abe7e0520dcbfeabdb8f499c7b5228388cc64e2036749&img=1&r=14390436	false		high
https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FNew_York%26en-US%2Cen%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=3&event=%7B%7D&event_id=53d284f1-d386-4183-8364-7efdf7e9923a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4429b130-cd6b-4510-8bf2-4c2448e7ada6&restricted_data_use=restrict_optimization&tw_document_href=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&tw_iframe_status=0&txn_id=nvldc&type=javascript&version=2.3.31	false		high
https://r.logr-ingest.com/i?a=ykolez%2Fcloudflarecom&r=6-0194671b-e0c3-716f-88a8-80247edb67e7&t=ccd552f2-44cf-4402-bedf-8c24c6836fa5&s=0&u=d838ad04-0dba-4306-a6bd-1ee1d548a62c&is=1&rs=0%2Cu	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/90215774796543dd/1736896670729/2izN7ey23nDhtAD	false		high
https://a.nel.cloudflare.com/report/v4?s=EKo709iALXQLIJLmHJRCS%2BmWqs2hZXRLXqMIS5FIWjYwdbwM5iUpa4vjfVMC%2F87%2FM2FMfInmXIto71AoMBlovmEgOYrj1c3OqxZ7gWkgl%2F78bFMuO0HsWxBsSoCYSlNOIWltKyJG884%3D	false		high
https://www.cloudflare.com/page-data/sq/d/3934964512.json	false		high
https://cdn.logr-ingest.com/logger-1.min.js	false		high
https://www.cloudflare.com/page-data/plans/page-data.json	false		high
https://scout.salesloft.com/i	false		high
https://challenges.cloudflare.com/turnstile/v0/b/e0c90b6a3ed1/api.js	false		high
https://tag.demandbase.com/1be41a80498a5b73.min.js	false		high
https://performance.radar.cloudflare.com/api/beacon	false		high
https://adobedc.demdex.net/ee/v1/identity/acquire?configId=715c679b-19c8-4402-8093-423571ad58c4&requestId=47cd7f05-23e8-47a0-84a0-e75a8cee1e48	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264b2c1c/banner-new.png	false		high
https://www.cloudflare.com/page-data/plans/enterprise/contact/page-data.json	false		high
https://api.www.cloudflare.com/api/v1/marketo/form/2459	false		high
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8AD56F28618A50850A495FB6%40AdobeOrg&d_nsid=0&ts=1736896669265	false		high
https://www.cloudflare.com/img/learning/security/threats/phishing-attack/diagram-phishing-attack.png	false		high
https://fastly.cedexis-test.com/img/20367/r20-100KB.png?r=17749553	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=90215774796543dd&lang=auto	false		high
https://www.cloudflare.com/a06cff934e9579536ce1c10bad21c1d6d7f63ae0-90484db4602d401d94ca.js	false		high
https://api.company-target.com/api/v3/ip.json?referrer=https%3A%2F%2Ftelemgram-rv.org%2F&page=https%3A%2F%2Fwww.cloudflare.com%2Flearning%2Faccess-management%2Fphishing-attack%2F&page_title=What%20is%20a%20phishing%20attack%3F%20%7C%20Cloudflare	false		high
https://fastly.jsdelivr.net/gh/jimaek/testobjects@0.0.1/r20-100KB.png?r=59346551	false		high
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1736896669698&uuid=759d4eff-dbc3-45c9-af90-f5bb5d086826&integration=reddit&opt_out=0&v=rdt_65e23bc4&sh=1024&sw=1280	false		high
https://serverless-benchmarks-js.compute-pipe.com/?test=2820656aa63ed5463d0abe7e0520dcbfeabdb8f499c7b5228388cc64e2036749&img=1&r=45381774	false		high
https://static.ads-twitter.com/uwt.js	false		high
https://www.cloudflare.com/174-242772ef10d8d161ae24.js	false		high
https://713-xsc-918.mktoresp.com/webevents/visitWebPage?_mchNc=1736896671200&_mchCn=&_mchId=713-XSC-918&_mchTk=_mch-cloudflare.com-8ff5adef3fe3ea948f9c17913b559789&_mchHo=www.cloudflare.com&_mchPo=&_mchRu=%2Flearning%2Faccess-management%2Fphishing-attack%2F&_mchPc=https%3A&_mchVr=164&_mchEcid=8AD56F28618A50850A495FB6%40AdobeOrg%3A6%3A84066600415956217832380584489059136826&_mchHa=&_mchRe=https%3A%2F%2Ftelemgram-rv.org%2F&_mchQp=	false		high
https://serverless-benchmarks-rust.compute-pipe.com/?test=2820656aa63ed5463d0abe7e0520dcbfeabdb8f499c7b5228388cc64e2036749&img=1&r=3846049	false		high
https://telemgram-rv.org/cdn-cgi/images/icon-exclamation.png?1376755637	false	Avira URL Cloud: phishing	unknown
https://www.cloudflare.com/app-9b4cbf0f5c3a56b8766d.js	false		high
https://www.cloudflare.com/static/z/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV2hhdCUyMGlzJTIwYSUyMHBoaXNoaW5nJTIwYXR0YWNrJTNGJTIwJTdDJTIwQ2xvdWRmbGFyZSUyMiUyQyUyMnglMjIlM0EwLjI4NTkzNDkzMjU1ODA2JTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0E5MDclMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnd3dy5jbG91ZGZsYXJlLmNvbSUyRmxlYXJuaW5nJTJGYWNjZXNzLW1hbmFnZW1lbnQlMkZwaGlzaGluZy1hdHRhY2slMkYlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ0ZWxlbWdyYW0tcnYub3JnJTJGJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTMwMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q=	false		high
https://jsdelivr.b-cdn.net/gh/jimaek/testobjects@0.0.1/r20-100KB.png?r=20101793	false		high
https://p36.cedexis-test.com/img/17653/r20-100KB.png?r=10725371	false		high
https://d37vlkgj6jn9t1.cloudfront.net/?test=2820656aa63ed5463d0abe7e0520dcbfeabdb8f499c7b5228388cc64e2036749&img=1&r=80949527	false	Avira URL Cloud: safe	unknown
https://www.cloudflare.com/page-data/app-data.json	false		high
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-PGV1K2BN4M&cid=53ce1176-1c68-44d5-9ee7-a8073a639e9e&_u=KGDAAEADQAAAAC%7E&z=1556212052&slf_rd=1	false		high
https://di.rlcdn.com/710030.gif?pdata=d=desktop,lc=US,ref=telemgram-rv.org	false		high
https://benchmark.1e100cdn.net/r20-100KB.png?r=449292	false		high
https://a.nel.cloudflare.com/report/v4?s=VBcGoeL1ysNQw8iuDL0VocMKmKrTHP4FXnV6Z3NNOrnuqG6kaCO4GW7pZzPYEhL4gb%2FDrctRAnFTNwCIRzdUOQ4GAqd%2FOi50DHUBJPqiTdNabDL1aFaYi8BUHujVvGIudKzGQPv6gi4%3D	false		high
https://ws6.qualified.com/cable?wv=9&token=37pXYrro6wCZbsU7&vu=0df18161-6c9c-4dc2-8b51-6eeeffacee7f&wu=6e1042b9-d6e6-4abf-a189-c9f87c70ac34&ca=2025-01-14T23%3A17%3A51.065Z&tz=America%2FNew_York&bis=5&referrer=https%3A%2F%2Ftelemgram-rv.org%2F&pv=1&fv=2025-01-14-960c1486b9&iml=false&bl=en-US&ic=true	false		high
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4bwnwAAAB0s_gO5	false		high
https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-PGV1K2BN4M&cid=53ce1176-1c68-44d5-9ee7-a8073a639e9e&_u=KGDAAEADQAAAAC%7E&z=1556212052	false		high
https://p16999.cedexis-test.com/img/16999/r20-100KB.png?r=71586602	false		high
https://www.cloudflare.com/cdn-cgi/rum?	false		high
https://www.cloudflare.com/webpack-runtime-4c72ecef988f809df573.js	false		high
https://www.cloudflare.com/page-data/sq/d/3199558980.json	false		high
https://performance.radar.cloudflare.com/beacon.js	false		high
https://ptcfc.com/img/284/r20-100KB.png?r=98758669	false		high
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1579256893:1736892778:tqI2Sa1A0s4ziart4mkk6J5dNr20RSuPTS-7nKHdo88/90215774796543dd/PwAjIcJFkXWv3EQon.gGyTLMG4rsWEerXLQe7EbzfEg-1736896668-1.1.1.1-NQu_qgTjVYPiNvROXTRxWgySJh7Cgu41IWMV73NZlv8uuT96HQON8dDicpWGjEDf	false		high
https://telemgram-rv.org/favicon.ico	false	Avira URL Cloud: phishing	unknown
https://edge.adobedc.net/ee/irl1/v1/interact?configId=715c679b-19c8-4402-8093-423571ad58c4&requestId=4c6fcddc-f5ca-4de5-8cd7-3b1834180a3b	false		high
https://s.company-target.com/s/sync?exc=lr	false		high
https://www.cloudflare.com/page-data/learning/access-management/what-is-sase/page-data.json	false		high
https://ot.www.cloudflare.com/public/vendor/onetrust/consent/b1e05d49-f072-4bae-9116-bdb78af15448/b1e05d49-f072-4bae-9116-bdb78af15448.json	false		high
https://js.qualified.com/qualified.js?token=37pXYrro6wCZbsU7	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_313.2.dr, chromecache_290.2.dr	false		high
https://www.cloudflare.com/network-services/solutions/network-monitoring-tools/	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif	chromecache_196.2.dr, chromecache_238.2.dr	false		high
https://www.cloudflare.com/network-services/solutions/enterprise-network-security/	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6i8d186tH2iueYvgwVRaJf/ab27fd31033bdd31aea69065480	chromecache_166.2.dr, chromecache_299.2.dr	false		high
https://www.cloudflare.com/saas/)	chromecache_259.2.dr, chromecache_204.2.dr	false		high
https://assets.adobedtm.com/extensions/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_Acti	chromecache_187.2.dr, chromecache_253.2.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/4sfL2iS6H10uq2waT6ehym/ad18b77fa469ce07f23d22e19ab	chromecache_165.2.dr, chromecache_168.2.dr	false		high
https://www.cloudflare.com/learning/security/glossary/what-is-zero-trust/	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://www.google.com	chromecache_310.2.dr	false		high
https://www.cloudflare.com/learning/access-management/how-to-implement-zero-trust/	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://schema.org/FAQPage	chromecache_247.2.dr	false		high
https://www.cloudflare.com/learning/security/what-is-data-exfiltration/	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/42XkFj9Uywkm8Jahf62RtP/0563d91cc1fa54da2bf2c50bad8	chromecache_165.2.dr, chromecache_168.2.dr	false		high
https://scout.us4.salesloft.com	chromecache_177.2.dr, chromecache_256.2.dr	false	Avira URL Cloud: safe	unknown
https://www.cloudflare.com/zero-trust/	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://schema.org/Answer	chromecache_232.2.dr, chromecache_247.2.dr	false		high
https://blog.cloudflare.com/cloudflare-waap-named-leader-gartner-magic-quadrant-2022/	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264	chromecache_247.2.dr	false		high
https://www.cloudflare.com/static/z/s.js?z=	chromecache_248.2.dr	false		high
https://www.cloudflare.com	chromecache_218.2.dr, chromecache_306.2.dr	false		high
https://cf-assets.www.cloudflare.com/slt3lc6tev37/17RhepZZwxiD452Hs0gKFk/5324e2c81dcdef79c74efea2c60	chromecache_161.2.dr, chromecache_232.2.dr	false		high
https://cct.google/taggy/agent.js	chromecache_243.2.dr, chromecache_313.2.dr, chromecache_290.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	false		high
https://scout-cdn.salesloft.com/sl.js	chromecache_196.2.dr, chromecache_238.2.dr	false		high
https://www.cloudflare.com/5xx-error-landing	chromecache_304.2.dr, chromecache_215.2.dr	false		high
https://developers.marketo.com/MunchkinLicense.pdf	chromecache_281.2.dr, chromecache_170.2.dr, chromecache_234.2.dr, chromecache_235.2.dr	false		high
https://github.com/js-cookie/js-cookie	chromecache_176.2.dr, chromecache_292.2.dr	false		high
https://staging.mrk.cfdata.org/mrk/redwood-blade-repository/	chromecache_175.2.dr, chromecache_192.2.dr	false		high
https://alb.reddit.com/rp.gif?event=PageVisit&id=t2_1upmecjq&ts=1736896669698&uuid=759d4eff-dbc3-45c	chromecache_196.2.dr	false		high
https://js.qualified.com	chromecache_171.2.dr, chromecache_245.2.dr	false		high
https://assets.adobedtm.com/f597f8065f97/065ba81630d7/launch-efab6d095ce0.js	chromecache_228.2.dr, chromecache_296.2.dr	false		high
https://www.cloudflare.com/lp/multi-channel-phishing-demo?utm_medium=banner	chromecache_171.2.dr, chromecache_245.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.18.0.248	serverless-benchmarks-js.compute-pipe.com	United States	13335	CLOUDFLARENETUS	false
192.28.144.124	713-xsc-918.mktoresp.com	United States	15224	OMNITUREUS	false
151.101.1.51	ecp.map.fastly.net	United States	54113	FASTLYUS	false
52.23.60.190	partners-1864332697.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
169.150.247.39	unknown	United States	2711	SPIRITTEL-ASUS	false
104.21.80.1	cdn.logr-ingest.com	United States	13335	CLOUDFLARENETUS	false
169.150.247.37	jsdelivr.b-cdn.net	United States	2711	SPIRITTEL-ASUS	false
66.102.1.157	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
104.198.23.205	prod-default.lb.logrocket.network	United States	15169	GOOGLEUS	false
18.173.205.127	unknown	United States	3	MIT-GATEWAYSUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
3.222.176.75	unknown	United States	14618	AMAZON-AESUS	false
104.16.124.96	www.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
18.245.46.89	tag.demandbase.com	United States	16509	AMAZON-02US	false
3.161.75.24	d37vlkgj6jn9t1.cloudfront.net	United States	16509	AMAZON-02US	false
162.159.140.229	t.co	United States	13335	CLOUDFLARENETUS	false
34.96.71.22	s.dsp-prod.demandbase.com	United States	15169	GOOGLEUS	false
104.21.16.237	unknown	United States	13335	CLOUDFLARENETUS	false
104.18.95.41	unknown	United States	13335	CLOUDFLARENETUS	false
63.140.62.17	unknown	United States	15224	OMNITUREUS	false
13.32.121.78	d1inq1x5xtur5k.cloudfront.net	United States	16509	AMAZON-02US	false
104.18.16.5	js.qualified.com	United States	13335	CLOUDFLARENETUS	false
54.77.158.239	unknown	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
35.190.26.57	benchmark.1e100cdn.net	United States	15169	GOOGLEUS	false
104.18.31.78	performance.radar.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
146.75.120.157	platform.twitter.map.fastly.net	Sweden	30051	SCCGOVUS	false
172.66.0.201	unknown	United States	13335	CLOUDFLARENETUS	false
35.244.174.68	id.rlcdn.com	United States	15169	GOOGLEUS	false
18.66.102.75	unknown	United States	3	MIT-GATEWAYSUS	false
216.58.212.164	unknown	United States	15169	GOOGLEUS	false
104.18.94.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
152.195.34.116	cs481.wpc.edgecastcdn.net	United States	15133	EDGECASTUS	false
54.76.51.91	unknown	United States	16509	AMAZON-02US	false
35.153.197.139	scout.us1.salesloft.com	United States	14618	AMAZON-AESUS	false
63.140.62.27	demdex.net.ssl.sc.omtrdc.net	United States	15224	OMNITUREUS	false
163.171.132.42	p36.cedexis-test.com.wsoversea.com	European Union	54994	QUANTILNETWORKSUS	false
151.101.2.6	prod.cedexis-ssl.map.fastly.net	United States	54113	FASTLYUS	false
104.21.96.1	unknown	United States	13335	CLOUDFLARENETUS	false
172.67.216.218	telemgram-rv.org	United States	13335	CLOUDFLARENETUS	true
104.18.30.19	benchmarks.cdn.compute-pipe.com	United States	13335	CLOUDFLARENETUS	false
142.250.186.132	www.google.com	United States	15169	GOOGLEUS	false
18.245.46.25	unknown	United States	16509	AMAZON-02US	false
3.161.75.41	unknown	United States	16509	AMAZON-02US	false
104.16.79.73	static.cloudflareinsights.com	United States	13335	CLOUDFLARENETUS	false
18.66.102.85	api.company-target.com	United States	3	MIT-GATEWAYSUS	false
151.101.1.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
162.159.140.203	ptcfc.com	United States	13335	CLOUDFLARENETUS	false
104.244.42.67	unknown	United States	13414	TWITTERUS	false
54.229.91.192	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
104.18.26.193	dsum-sec.casalemedia.com	United States	13335	CLOUDFLARENETUS	false
104.244.42.3	s.twitter.com	United States	13414	TWITTERUS	false
151.101.1.140	reddit.map.fastly.net	United States	54113	FASTLYUS	false
216.58.206.68	unknown	United States	15169	GOOGLEUS	false
104.18.17.5	unknown	United States	13335	CLOUDFLARENETUS	false
18.173.205.117	tag-logger.demandbase.com	United States	3	MIT-GATEWAYSUS	false
65.9.66.27	unknown	United States	16509	AMAZON-02US	false
172.66.0.227	unknown	United States	13335	CLOUDFLARENETUS	false
104.16.123.96	ot.www.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4
192.168.2.11

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1591406
Start date and time:	2025-01-15 00:16:17 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 20s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	http://telemgram-rv.org/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	10
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal68.phis.win@22/241@226/61
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, backgroundTaskHost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.184.227, 142.250.185.142, 74.125.71.84, 142.250.185.110, 142.250.184.238, 142.250.184.206, 199.232.214.172, 2.17.190.73, 216.58.212.174, 142.250.74.206, 104.18.186.31, 104.18.187.31, 2.23.227.143, 2.23.227.131, 142.250.185.168, 2.23.241.90, 142.250.185.138, 142.250.186.42, 142.250.186.74, 216.58.206.74, 142.250.185.202, 172.217.18.106, 142.250.186.106, 216.58.212.138, 142.250.181.234, 172.217.16.202, 142.250.184.234, 142.250.185.74, 142.250.186.170, 142.250.185.234, 216.58.206.42, 142.250.185.170, 88.221.110.227, 88.221.110.136, 104.16.71.105, 104.16.72.105, 13.107.42.14, 2.16.168.121, 2.16.168.109, 104.102.43.106, 184.28.89.29, 172.217.16.200, 142.250.185.98, 34.255.64.61, 34.255.155.228, 54.75.135.140, 2.16.168.107, 2.16.168.112, 172.64.146.215, 104.18.41.41, 69.173.144.165, 69.173.144.138, 69.173.144.139, 2.20.245.133, 2.20.245.136, 142.250.186.174, 2.16.168.219, 2.16.168.196, 142.250.186.46, 172.217.18.110, 216.58.206.67, 142.250.181.226, 142.250.185.66, 1
Excluded domains from analysis (whitelisted): pixel.rubiconproject.net.akadns.net, slscr.update.microsoft.com, testingcf.jsdelivr.net.cdn.cloudflare.net, cn-assets.adobedtm.com.edgekey.net, scout-cdn.salesloft.com.cdn.cloudflare.net, clientservices.googleapis.com, e10776.b.akamaiedge.net, wildcard.marketo.net.edgekey.net, dns.msftncsi.com, l-0005.l-msedge.net, essl-cdxs.edgekey.net, clients2.google.com, ade.googlesyndication.com, ocsp.digicert.com, redirector.gvt1.com, cdn.bizible.com.edgesuite.net, www.googletagmanager.com, cedexis-test.akamaized.net, e31668.dsca.akamaiedge.net, bat.bing.com, update.googleapis.com, www-linkedin-com.l-0005.l-msedge.net, a798.dscd.akamai.net, a1851.dscw121.akamai.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, cm.everesttech.net.akadns.net, ctldl.windowsupdate.com, pagead2.googlesyndication.com, od.linkedin.edgesuite.net, cedexis-ssl.wpc.apr-b30d.edgecastdns.net, fe3cr.delivery.mp.microsoft.com, www.linkedin.com.cdn.cloudfl
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: http://telemgram-rv.org/

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: http://telemgram-rv.org Model: Joe Sandbox AI	{ "typosquatting": true, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": false, "brand_spoofing_attempt": true, "third_party_hosting": true }
URL: http://telemgram-rv.org
URL: https://telemgram-rv.org/... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "This script checks if cookies are enabled in the user's browser and displays a cookie alert if they are not. This is a common practice to inform users about cookie usage and does not demonstrate any high-risk behaviors." }
if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('cookie-alert'); cookieEl.style.display = 'block'; }) }
URL: https://telemgram-rv.org/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Suspected Phishing", "prominent_button_name": "Learn More", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": true, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": true }

URL: https://www.cloudflare.com/learning/access-management/phishing-attack/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://telemgram-rv.org/ Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://www.cloudflare.com/learning/access-management/phishing-attack/ Model: Joe Sandbox AI	{ "brands": [ "Cloudflare" ] }
	{ "brands": [ "Cloudflare" ] }
URL: https://www.cloudflare.com/learning/access-management/phishing-attack/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.cloudflare.com/learning/access-management/phishing-attack/ Model: Joe Sandbox AI	{ "brands": [ "Cloudflare" ] }
	{ "brands": [ "Cloudflare" ] }
URL: https://www.cloudflare.com/learning/access-management/phishing-attack/ Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false } The provided image appears to be a webpage from Cloudflare that discusses what a phishing attack is. It does not contain any visible trigger text, prominent buttons, text input fields, PDF icons, CAPTCHAs, urgent text, QR codes, Chinese text, or fake security alerts. The page appears to be informational in nature, providing an overview of phishing attacks.

URL: https://www.cloudflare.com/learning/access-management/phishing-attack/ Model: Joe Sandbox AI	{ "brands": [ "Cloudflare" ] }
	{ "brands": [ "Cloudflare" ] }

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Source: https://telemgram-rv.org/cdn-cgi/images/icon-exclamation.png?1376755637	Avira URL Cloud: Label: phishing
Source: https://telemgram-rv.org/favicon.ico	Avira URL Cloud: Label: phishing

Source: Yara match	File source: 1.0.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_304, type: DROPPED
Source: Yara match	File source: dropped/chromecache_215, type: DROPPED

Source: URL	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: http://telemgram-rv.org
Source: URL	Joe Sandbox AI: AI detected Typosquatting in URL: http://telemgram-rv.org

Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://s.company-target.com/s/sync?exc=lr
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://s.company-target.com/s/sync?exc=lr
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://s.company-target.com/s/sync?exc=lr
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://cloudflareinc.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.cloudflare.com
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: Iframe src: https://s.company-target.com/s/sync?exc=lr

Source: https://telemgram-rv.org/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No favicon

Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="author".. found

Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found
Source: https://www.cloudflare.com/learning/access-management/phishing-attack/	HTTP Parser: No <meta name="copyright".. found

Source: global traffic	TCP traffic: 192.168.2.11:52085 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.11:51888 -> 1.1.1.1:53

Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.11:52093 -> 162.159.140.229:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.11:52096 -> 104.244.42.3:443
Source: Network traffic	Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.11:52130 -> 104.18.26.193:443

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.3
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.3
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.42
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.42
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.3
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.3
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.3
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.3
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.42
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.42
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.42
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.3
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: chromecache_196.2.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-a5063daa-9cb6-45ad-a7a5-b926d6ed7ce0%5C%22))%7D%22%2C%22order-id%22%3A%22a5063daa-9cb6-45ad-a7a5-b926d6ed7ce0%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-74e1aebb-4cfc-4814-81a6-31de110b9ad0%5C%22))%7D%22%2C%22order-id%22%3A%2274e1aebb-4cfc-4814-81a6-31de110b9ad0%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\nwindow.dataLayer = window.dataLayer \|\| [];\nwindow.dataLayer.push({'zarazGaClientId': ''});\n};{\n(function(d,b,a,s,e){ var t = b.createElement(a), \n fs = b.getElementsByTagName(a)[0]; t.async=1; t.id=e; t.src=s; \n fs.parentNode.insertBefore(t, fs); })\n(window,document,'script','https://tag.demandbase.com/1be41a80498a5b73.min.js','demandbase_js_lib'); \n}})(window,document)"],"f":[["https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%
Source: chromecache_196.2.dr	String found in binary or memory: -->`;document.body.appendChild(d);};{\n!function(e,t,n,s,u,a){e.twq\|\|(s=e.twq=function(){s.exe?s.exe.apply(s,arguments):s.queue.push(arguments);\n},s.version='1.1',s.queue=[],u=t.createElement(n),u.async=!0,u.src='https://static.ads-twitter.com/uwt.js',\na=t.getElementsByTagName(n)[0],a.parentNode.insertBefore(u,a))}(window,document,'script');\n// Insert Twitter Advertiser ID\ntwq('config','nvldc', {\n restricted_data_use: 'restrict_optimization' // or 'off'\n});\n};{const d = document.createElement('div');d.innerHTML = `<!-- Qualified -->\n\n\n<!-- End Qualified -->`;document.body.appendChild(d);};{\n(function(w,q){w['QualifiedObject']=q;w[q]=w[q]\|\|function(){\n(w[q].q=w[q].q\|\|[]).push(arguments)};})(window,'qualified')\n\n};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22async%22%3A%22%22%2C%22src%22%3A%22https%3A%2F%2Fjs.qualified.com%2Fqualified.js%3Ftoken%3D37pXYrro6wCZbsU7%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-a5063daa-9cb6-45ad-a7a5-b926d6ed7ce0%5C%22))%7D%22%2C%22order-id%22%3A%22a5063daa-9cb6-45ad-a7a5-b926d6ed7ce0%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\n(function() {\n var didInit = false;\n function initMunchkin() {\n if(didInit === false) {\n didInit = true;\n Munchkin.init('713-XSC-918');\n }\n }\n var s = document.createElement('script');\n s.type = 'text/javascript';\n s.async = true;\n s.src = '//munchkin.marketo.net/munchkin-beta.js';\n s.onreadystatechange = function() {\n if (this.readyState == 'complete' \|\| this.readyState == 'loaded') {\n initMunchkin();\n }\n };\n s.onload = initMunchkin;\n document.getElementsByTagName('head')[0].appendChild(s);\n})();\n};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{const el = document.createElement('script');Object.entries(JSON.parse(decodeURIComponent(`%7B%22type%22%3A%22text%2Fjavascript%22%2C%22src%22%3A%22https%3A%2F%2Fcdn.bizible.com%2Fscripts%2Fbizible.js%22%2C%22async%22%3A%22%22%2C%22onload%22%3A%22%7Bdocument.dispatchEvent(new%20Event(%5C%22loaded-74e1aebb-4cfc-4814-81a6-31de110b9ad0%5C%22))%7D%22%2C%22order-id%22%3A%2274e1aebb-4cfc-4814-81a6-31de110b9ad0%22%7D`))).forEach(([k, v]) => {el.setAttribute(k, v);});document.head.appendChild(el);};{const d = document.createElement('div');d.innerHTML = ``;document.body.appendChild(d);};{\nwindow.dataLayer = window.dataLayer \|\| [];\nwindow.dataLayer.push({'zarazGaClientId': ''});\n};{\n(function(d,b,a,s,e){ var t = b.createElement(a), \n fs = b.getElementsByTagName(a)[0]; t.async=1; t.id=e; t.src=s; \n fs.parentNode.insertBefore(t, fs); })\n(window,document,'script','https://tag.demandbase.com/1be41a80498a5b73.min.js','demandbase_js_lib'); \n}})(window,document)"],"f":[["https://px.ads.linkedin.com/collect/?fmt=js&v=2&url=https%
Source: chromecache_243.2.dr, chromecache_313.2.dr, chromecache_290.2.dr, chromecache_289.2.dr, chromecache_213.2.dr, chromecache_310.2.dr	String found in binary or memory: return b}QE.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),SE=["www.youtube.com","www.youtube-nocookie.com"],TE,UE=!1; equals www.youtube.com (Youtube)
Source: chromecache_238.2.dr	String found in binary or memory: return fetch("https://www.cloudflare.com/static/z/t",{credentials:"include",method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(em)})})).then((function(ev){zarazData._let=(new Date).getTime();ev.ok\|\|el();return 204!==ev.status&&ev.json()})).then((async eu=>{await zaraz._p(eu);"function"==typeof ej&&ej()})).finally((()=>ek()))}))};zaraz.set=function(ew,ex,ey){try{ex=JSON.stringify(ex)}catch(ez){return}prefixedKey="_zaraz_"+ew;sessionStorage&&sessionStorage.removeItem(prefixedKey);localStorage&&localStorage.removeItem(prefixedKey);delete zaraz.pageVariables[ew];if(void 0!==ex){ey&&"session"==ey.scope?sessionStorage&&sessionStorage.setItem(prefixedKey,ex):ey&&"page"==ey.scope?zaraz.pageVariables[ew]=ex:localStorage&&localStorage.setItem(prefixedKey,ex);zaraz.__watchVar={key:ew,value:ex}}};for(const{m:eA,a:eB}of zarazData.q.filter((({m:eC})=>["debug","set"].includes(eC))))zaraz[eA](...eB);for(const{m:eD,a:eE}of zaraz.q)zaraz[eD](...eE);delete zaraz.q;delete zarazData.q;zaraz.spaPageview=()=>{zarazData.l=d.location.href;zarazData.t=d.title;zaraz.pageVariables={};zaraz.__zarazMCListeners={};zaraz.track("__zarazSPA")};zaraz.fulfilTrigger=function(dy,dz,dA,dB){zaraz.__zarazTriggerMap\|\|(zaraz.__zarazTriggerMap={});zaraz.__zarazTriggerMap[dy]\|\|(zaraz.__zarazTriggerMap[dy]="");zaraz.__zarazTriggerMap[dy]+=""+dz+"";zaraz.track("__zarazEmpty",{...dA,__zarazClientTriggers:zaraz.__zarazTriggerMap[dy]},dB)};zaraz._c=cZ=>{const{event:c$,...da}=cZ;zaraz.track(c$,{...da,__zarazClientEvent:!0})};zaraz._syncedAttributes=["altKey","clientX","clientY","pageX","pageY","button"];zaraz.__zcl.track=!0;zaraz._p({"e":["(function(w,d){(function(){if(\"function\"!=typeof zaraz._timeout){zaraz._timeouts=[];zaraz._timeout=(dU,dV,dW,dX)=>{dW=parseInt(dW,10);dX=parseInt(dX,10);if(0==dW)return;const dY=setTimeout((function(){zaraz.fulfilTrigger(dU,dV);zaraz._timeout(dU,dV,--dW,dX)}),dX);zaraz._timeouts.push(dY)}}zaraz._timeout(\"IFsU\",\"BKpn\",\"1\",\"30000\");})();(function(){const dJ=\"25%,50%,75%,100%\",dK=[];for(let dM=0;dM<dJ.split(\",\").length;dM+=1){const dN=dJ.split(\",\")[dM].trim().match(/^([0-9]{1,999999999})(px\|%)?$/);dN&&dN[1]&&dK.push([parseInt(dN[1],10),dN[2]\|\|\"%\"])}let dL=()=>{const dO=d.scrollingElement\|\|d.documentElement,dP=dO.scrollHeight-dO.clientHeight,dQ=dO.scrollTop/dP*100;for(let dR=0;dR<dK.length;dR+=1)if(dK[dR]){const[dS,dT]=dK[dR];if(\"%\"===dT&&dQ>=dS\|\|\"px\"===dT&&dO.scrollTop>=dS){delete dK[dR];zaraz.fulfilTrigger(\"zDVF\",\"Frnx\",{scrollDepth:dS+dT})}}};w.zaraz._al(d,\"scroll\",dL);w.zaraz._al(w,\"resize\",dL);dL();})();;w.zarazData.executed.push(\"Pageview\");})(window,document)","(function(w,d){{const d = document.createElement('div');d.innerHTML = `<noscript>\n<img height=\"1\" width=\"1\" style=\"display:none;\" alt=\"\" src=\"https://px.ads.linkedin.com/collect/?pid=28851&fmt=gif\" />\n</noscript>`;document.body.appendChild(d);};{\n_linkedin_partner_id = \"28851\";\nwindow._linkedin_data_partner_ids = window._link
Source: chromecache_289.2.dr, chromecache_213.2.dr	String found in binary or memory: var eE=function(a,b,c,d,e){var f=VB("fsl",c?"nv.mwt":"mwt",0),g;g=c?VB("fsl","nv.ids",[]):VB("fsl","ids",[]);if(!g.length)return!0;var k=$B(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);U(121);if(m==="https://www.facebook.com/tr/")return U(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!FA(k,HA(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: telemgram-rv.org
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: static.cloudflareinsights.com
Source: global traffic	DNS traffic detected: DNS query: cf-assets.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: performance.radar.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ot.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ptcfc.com
Source: global traffic	DNS traffic detected: DNS query: cdn.logr-ingest.com
Source: global traffic	DNS traffic detected: DNS query: testingcf.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic	DNS traffic detected: DNS query: api.www.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: fastly.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: di.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: scout-cdn.salesloft.com
Source: global traffic	DNS traffic detected: DNS query: static.ads-twitter.com
Source: global traffic	DNS traffic detected: DNS query: js.qualified.com
Source: global traffic	DNS traffic detected: DNS query: munchkin.marketo.net
Source: global traffic	DNS traffic detected: DNS query: cdn.bizible.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: alb.reddit.com
Source: global traffic	DNS traffic detected: DNS query: tag.demandbase.com
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: d37vlkgj6jn9t1.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: scout.salesloft.com
Source: global traffic	DNS traffic detected: DNS query: adobedc.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cloudflareinc.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: cdn.bizibly.com
Source: global traffic	DNS traffic detected: DNS query: r.logr-ingest.com
Source: global traffic	DNS traffic detected: DNS query: t.co
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: ws6.qualified.com
Source: global traffic	DNS traffic detected: DNS query: uniquely-peaceful-hagfish.edgecompute.app
Source: global traffic	DNS traffic detected: DNS query: api.company-target.com
Source: global traffic	DNS traffic detected: DNS query: s.company-target.com
Source: global traffic	DNS traffic detected: DNS query: id.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: serverless-benchmarks-rust.compute-pipe.com
Source: global traffic	DNS traffic detected: DNS query: dsum-sec.casalemedia.com
Source: global traffic	DNS traffic detected: DNS query: partners.tremorhub.com
Source: global traffic	DNS traffic detected: DNS query: pixel.rubiconproject.com
Source: global traffic	DNS traffic detected: DNS query: 713-xsc-918.mktoresp.com
Source: global traffic	DNS traffic detected: DNS query: tag-logger.demandbase.com
Source: global traffic	DNS traffic detected: DNS query: exactly-huge-arachnid.edgecompute.app
Source: global traffic	DNS traffic detected: DNS query: edge.adobedc.net
Source: global traffic	DNS traffic detected: DNS query: serverless-benchmarks-js.compute-pipe.com
Source: global traffic	DNS traffic detected: DNS query: benchmark.1e100cdn.net
Source: global traffic	DNS traffic detected: DNS query: fastly.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: p29.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: benchmarks.cdn.compute-pipe.com
Source: global traffic	DNS traffic detected: DNS query: p16999.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: jsdelivr.b-cdn.net
Source: global traffic	DNS traffic detected: DNS query: p36.cedexis-test.com
Source: global traffic	DNS traffic detected: DNS query: app.qualified.com
Source: global traffic	DNS traffic detected: DNS query: w3-reporting-nel.reddit.com

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jan 14 22:17:23 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.981305998671639
Encrypted:	false
SSDEEP:	48:8XAdzTU+iiJHdidAKZdA1nehwiZUklqehmy+3:8Xo8ivhy
MD5:	F11DACFA5D7D724754608D3A0BBB74A2
SHA1:	B29C4442A204865F3F6356461614CC884AB126C9
SHA-256:	5342D63DCAF58428316DC4B580DD725E2981DEDFC96BBB350C7B4C9AD44C23BA
SHA-512:	14B77EC991CB5489ADF66EF39C095A68C428ECCC1DB5D313B9D74860F518108D99D4072769F9EC19C8D051ACA6F2F2D0ACF8ECF7DD8D70B3328D7AC166E12B1C
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....frw.f......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....EWXX..PROGRA~1..t......O.I.Z.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.Z.....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.V..Chrome..>......CW.V.Z.....M.....................g.u.C.h.r.o.m.e.....`.1.....EW.V..APPLIC~1..H......CW.V.Z...........................g.u.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V.Z,.............................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:29 UTC	659	OUT	GET / HTTP/1.1 Host: telemgram-rv.org Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:29 UTC	552	IN	HTTP/1.1 403 Forbidden Date: Tue, 14 Jan 2025 23:17:29 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOHtGUqBFDKf8fWIZOaVjDZ0tzOi2B9aTOAl%2FrPEggtEkUi2f3Vc2%2FNGhk2JEJdMyIiJJ5Pa7VfSk3lUj4Z49K7zNrZxpNrpwy0pg6owpXWKO4BgJr8ji%2B7wmbuEm9nGbRxl"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 902156fb7c57aac5-YYZ
2025-01-14 23:17:29 UTC	817	IN	Data Raw: 31 31 63 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 11c1<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2025-01-14 23:17:29 UTC	1369	IN	Data Raw: 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 6f 6f Data Ascii: /cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('coo
2025-01-14 23:17:29 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 30 34 30 34 30 3b 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 20 62 6f 72 64 65 72 3a 20 30 3b 22 3e 4c 65 61 72 6e 20 4d 6f 72 65 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 61 63 74 69 6f 6e 3d 22 2f 63 Data Ascii: <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="background-color: #404040; color: #fff; border: 0;">Learn More</a> <form action="/c
2025-01-14 23:17:29 UTC	998	IN	Data Raw: 74 65 72 2d 69 70 2d 72 65 76 65 61 6c 2d 62 74 6e 22 3e 43 6c 69 63 6b 20 74 6f 20 72 65 76 65 61 6c 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 70 22 3e 38 2e 34 36 2e 31 32 33 2e 31 38 39 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 73 65 70 61 72 61 74 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 Data Ascii: ter-ip-reveal-btn">Click to reveal</button> <span class="hidden" id="cf-footer-ip">8.46.123.189</span> <span class="cf-footer-separator sm:hidden">•</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance &a
2025-01-14 23:17:29 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:30 UTC	535	OUT	OPTIONS /report/v4?s=lOHtGUqBFDKf8fWIZOaVjDZ0tzOi2B9aTOAl%2FrPEggtEkUi2f3Vc2%2FNGhk2JEJdMyIiJJ5Pa7VfSk3lUj4Z49K7zNrZxpNrpwy0pg6owpXWKO4BgJr8ji%2B7wmbuEm9nGbRxl HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://telemgram-rv.org Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:30 UTC	336	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-max-age: 86400 access-control-allow-methods: OPTIONS, POST access-control-allow-origin: * access-control-allow-headers: content-type, content-length date: Tue, 14 Jan 2025 23:17:29 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:30 UTC	559	OUT	GET /cdn-cgi/styles/cf.errors.css HTTP/1.1 Host: telemgram-rv.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://telemgram-rv.org/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:30 UTC	411	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:30 GMT Content-Type: text/css Content-Length: 24051 Connection: close Last-Modified: Tue, 07 Jan 2025 14:31:40 GMT ETag: "677d3acc-5df3" Server: cloudflare CF-RAY: 90215702e8da43be-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Wed, 15 Jan 2025 01:17:30 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 23 63 66 2d 77 72 61 70 70 65 72 20 61 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 62 62 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 72 74 69 63 6c 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 61 73 69 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 69 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6c 6f 63 6b 71 75 6f 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 62 6f 64 79 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 6e 76 61 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 61 70 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 65 6e 74 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 69 74 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 63 6f 64 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 64 64 2c 23 63 66 2d 77 72 61 70 70 Data Ascii: #cf-wrapper a,#cf-wrapper abbr,#cf-wrapper article,#cf-wrapper aside,#cf-wrapper b,#cf-wrapper big,#cf-wrapper blockquote,#cf-wrapper body,#cf-wrapper canvas,#cf-wrapper caption,#cf-wrapper center,#cf-wrapper cite,#cf-wrapper code,#cf-wrapper dd,#cf-wrapp
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 70 65 72 20 64 65 74 61 69 6c 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 66 69 67 63 61 70 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 66 69 67 75 72 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 66 6f 6f 74 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 65 61 64 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 68 67 72 6f 75 70 2c 23 63 66 2d 77 72 61 70 70 65 72 20 6d 65 6e 75 2c 23 63 66 2d 77 72 61 70 70 65 72 20 6e 61 76 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 63 74 69 6f 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 75 6d 6d 61 72 79 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 3a 61 66 74 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 3a 62 65 66 Data Ascii: per details,#cf-wrapper figcaption,#cf-wrapper figure,#cf-wrapper footer,#cf-wrapper header,#cf-wrapper hgroup,#cf-wrapper menu,#cf-wrapper nav,#cf-wrapper section,#cf-wrapper summary{display:block}#cf-wrapper .cf-columns:after,#cf-wrapper .cf-columns:bef
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 20 69 6d 67 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 20 69 6e 70 75 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 20 6f 62 6a 65 63 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 20 73 65 6c 65 63 74 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 20 74 65 78 74 61 72 65 61 7b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 34 35 70 78 3b 77 69 64 74 68 3a 31 30 30 25 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 Data Ascii: .cf-columns img,#cf-wrapper .cf-columns input,#cf-wrapper .cf-columns object,#cf-wrapper .cf-columns select,#cf-wrapper .cf-columns textarea{max-width:100%}#cf-wrapper .cf-columns>.cf-column{float:left;padding-bottom:45px;width:100%;box-sizing:border-box
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 6f 64 64 29 7b 63 6c 65 61 72 3a 6c 65 66 74 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 33 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 74 68 72 65 65 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 33 30 70 78 3b 77 69 64 74 68 3a 33 33 2e 33 33 33 33 33 33 33 33 33 33 33 33 33 25 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 33 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 33 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 Data Ascii: mn:nth-child(odd){clear:left}#cf-wrapper .cf-columns.cols-3>.cf-column,#cf-wrapper .cf-columns.three>.cf-column{padding-left:30px;width:33.3333333333333%}#cf-wrapper .cf-columns.cols-3>.cf-column:first-child,#cf-wrapper .cf-columns.cols-3>.cf-column:nth-c
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 34 6e 2b 32 29 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 31 2e 32 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 32 2e 35 70 78 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 63 6f 6c 73 2d 34 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 34 6e 2b 33 29 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f 6c 75 6d 6e 73 2e 66 6f 75 72 3e 2e 63 66 2d 63 6f 6c 75 6d 6e 3a 6e 74 68 2d 63 68 69 6c 64 28 34 6e 2b 33 29 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 32 2e 35 70 78 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 31 2e 32 35 70 78 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 63 6f Data Ascii: olumns.four>.cf-column:nth-child(4n+2){padding-left:11.25px;padding-right:22.5px}#cf-wrapper .cf-columns.cols-4>.cf-column:nth-child(4n+3),#cf-wrapper .cf-columns.four>.cf-column:nth-child(4n+3){padding-left:22.5px;padding-right:11.25px}#cf-wrapper .cf-co
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 2c 23 63 66 2d 77 72 61 70 70 65 72 20 75 6c 7b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 33 65 6d 7d 23 63 66 2d 77 72 61 70 70 65 72 20 75 6c 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 64 69 73 63 7d 23 63 66 2d 77 72 61 70 70 65 72 20 6f 6c 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 64 65 63 69 6d 61 6c 7d 23 63 66 2d 77 72 61 70 70 65 72 20 65 6d 7b 66 6f 6e 74 2d 73 74 79 6c 65 3a 69 74 61 6c 69 63 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 73 75 62 68 65 61 64 6c 69 6e 65 7b 63 6f 6c 6f 72 3a 23 35 39 35 39 35 39 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 33 30 30 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 74 65 78 74 2d 65 72 72 6f 72 7b 63 6f 6c 6f 72 3a 23 62 64 32 34 32 36 7d Data Ascii: ,#cf-wrapper ul{list-style:none;margin-left:3em}#cf-wrapper ul{list-style-type:disc}#cf-wrapper ol{list-style-type:decimal}#cf-wrapper em{font-style:italic}#cf-wrapper .cf-subheadline{color:#595959;font-weight:300}#cf-wrapper .cf-text-error{color:#bd2426}
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 65 6c 65 63 74 3a 6e 6f 6e 65 3b 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 64 69 73 70 6c 61 79 3a 2d 6d 6f 7a 2d 69 6e 6c 69 6e 65 2d 73 74 61 63 6b 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 6d 69 64 64 6c 65 3b 7a 6f 6f 6d 3a 31 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 3b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 2e 32 73 20 65 61 73 65 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 2e 32 73 20 65 61 73 65 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 66 62 66 62 66 3b 62 6f 72 64 Data Ascii: elect:none;user-select:none;display:-moz-inline-stack;display:inline-block;vertical-align:middle;zoom:1;border-radius:2px;box-sizing:border-box;-webkit-transition:all .2s ease;transition:all .2s ease}#cf-wrapper .cf-btn:hover{background-color:#bfbfbf;bord
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 69 76 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 64 61 6e 67 65 72 3a 66 6f 63 75 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 2e 61 63 74 69 76 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 3a 61 63 74 69 76 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 65 72 72 6f 72 3a 66 6f 63 75 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 69 6d 70 6f 72 74 61 6e 74 2e 61 63 74 69 76 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 69 6d 70 6f 72 74 61 6e 74 3a 61 63 74 69 76 65 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 62 74 6e 2d 69 6d 70 6f 72 74 61 6e 74 3a 66 6f 63 75 73 7b 62 61 63 6b 67 72 6f 75 6e 64 Data Ascii: ive,#cf-wrapper .cf-btn-danger:focus,#cf-wrapper .cf-btn-error.active,#cf-wrapper .cf-btn-error:active,#cf-wrapper .cf-btn-error:focus,#cf-wrapper .cf-btn-important.active,#cf-wrapper .cf-btn-important:active,#cf-wrapper .cf-btn-important:focus{background
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 62 6f 78 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 2e 32 73 20 65 61 73 65 3b 74 72 61 6e 73 69 74 69 6f 6e 3a 61 6c 6c 20 2e 32 73 20 65 61 73 65 3b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 32 70 78 7d 23 63 66 2d 77 72 61 70 70 65 72 20 69 6e 70 75 74 3a 68 6f 76 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 6c 65 63 74 3a 68 6f 76 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 65 78 74 61 72 65 61 3a 68 6f 76 65 72 7b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 67 72 61 79 7d 23 63 66 2d 77 72 61 70 70 65 72 20 69 6e 70 75 74 3a 66 6f 63 75 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 73 65 6c 65 63 74 3a 66 6f 63 75 73 2c 23 63 66 2d 77 72 61 70 70 65 72 20 74 65 78 74 61 72 65 61 3a 66 6f 63 75 73 7b 62 6f 72 64 65 72 2d Data Ascii: box;-webkit-transition:all .2s ease;transition:all .2s ease;border-radius:2px}#cf-wrapper input:hover,#cf-wrapper select:hover,#cf-wrapper textarea:hover{border-color:gray}#cf-wrapper input:focus,#cf-wrapper select:focus,#cf-wrapper textarea:focus{border-
2025-01-14 23:17:30 UTC	1369	IN	Data Raw: 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 2d 64 61 6e 67 65 72 2c 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 2d 65 72 72 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 65 35 30 35 32 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 35 32 31 30 31 30 3b 63 6f 6c 6f 72 3a 23 66 66 66 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 2d 73 75 63 63 65 73 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 62 61 64 61 37 61 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 35 31 36 62 31 64 3b 63 6f 6c 6f 72 3a 23 35 31 36 62 31 64 7d 23 63 66 2d 77 72 61 70 70 65 72 20 2e 63 66 2d 61 6c 65 72 74 2d 77 61 72 6e 69 6e 67 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 39 62 31 36 39 3b 62 6f Data Ascii: apper .cf-alert-danger,#cf-wrapper .cf-alert-error{background-color:#de5052;border-color:#521010;color:#fff}#cf-wrapper .cf-alert-success{background-color:#bada7a;border-color:#516b1d;color:#516b1d}#cf-wrapper .cf-alert-warning{background-color:#f9b169;bo

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:30 UTC	476	OUT	POST /report/v4?s=lOHtGUqBFDKf8fWIZOaVjDZ0tzOi2B9aTOAl%2FrPEggtEkUi2f3Vc2%2FNGhk2JEJdMyIiJJ5Pa7VfSk3lUj4Z49K7zNrZxpNrpwy0pg6owpXWKO4BgJr8ji%2B7wmbuEm9nGbRxl HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 388 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:30 UTC	388	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 31 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 33 38 36 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 37 32 2e 36 37 2e 32 31 36 2e 32 31 38 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 65 6c 65 6d 67 72 61 6d 2d 72 76 2e 6f Data Ascii: [{"age":1,"body":{"elapsed_time":1386,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"172.67.216.218","status_code":403,"type":"http.error"},"type":"network-error","url":"https://telemgram-rv.o
2025-01-14 23:17:30 UTC	168	IN	HTTP/1.1 200 OK Content-Length: 0 date: Tue, 14 Jan 2025 23:17:30 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:31 UTC	651	OUT	GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1 Host: telemgram-rv.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://telemgram-rv.org/cdn-cgi/styles/cf.errors.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:31 UTC	409	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:31 GMT Content-Type: image/png Content-Length: 452 Connection: close Last-Modified: Tue, 07 Jan 2025 14:31:40 GMT ETag: "677d3acc-1c4" Server: cloudflare CF-RAY: 9021570a5d8a064c-IAD X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Wed, 15 Jan 2025 01:17:31 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2025-01-14 23:17:31 UTC	452	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65 Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~\|:t5mfpi/e%%nPe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:32 UTC	386	OUT	GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1 Host: telemgram-rv.org Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:33 UTC	409	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:33 GMT Content-Type: image/png Content-Length: 452 Connection: close Last-Modified: Tue, 07 Jan 2025 14:31:40 GMT ETag: "677d3acc-1c4" Server: cloudflare CF-RAY: 90215711db41a304-YUL X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Wed, 15 Jan 2025 01:17:33 GMT Cache-Control: max-age=7200 Cache-Control: public Accept-Ranges: bytes
2025-01-14 23:17:33 UTC	452	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65 Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~\|:t5mfpi/e%%nPe

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:32 UTC	588	OUT	GET /favicon.ico HTTP/1.1 Host: telemgram-rv.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://telemgram-rv.org/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:33 UTC	556	IN	HTTP/1.1 403 Forbidden Date: Tue, 14 Jan 2025 23:17:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FpaJx62l6D2GGHJvvjI7Khfywao7EEWsHNE8iwSxPKZWN3qOwN%2Fpu%2B2wmOB7al2pP%2FHRvP79AgyYXKZfY9pgp3dKJFmgNsQ8BjfipcWDjZMRQyhCUCKiere47A%2FM9tL7FSP"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 90215711efe5a2d0-YUL
2025-01-14 23:17:33 UTC	813	IN	Data Raw: 31 31 63 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 11cc<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2025-01-14 23:17:33 UTC	1369	IN	Data Raw: 79 6c 65 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 Data Ascii: yles/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById(
2025-01-14 23:17:33 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 34 30 34 30 34 30 3b 20 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 20 62 6f 72 64 65 72 3a 20 30 3b 22 3e 4c 65 61 72 6e 20 4d 6f 72 65 3c 2f 61 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 66 6f 72 6d 20 61 63 74 69 6f 6e Data Ascii: <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="background-color: #404040; color: #fff; border: 0;">Learn More</a> <form action
2025-01-14 23:17:33 UTC	1013	IN	Data Raw: 22 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 70 2d 72 65 76 65 61 6c 2d 62 74 6e 22 3e 43 6c 69 63 6b 20 74 6f 20 72 65 76 65 61 6c 3c 2f 62 75 74 74 6f 6e 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 68 69 64 64 65 6e 22 20 69 64 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 70 22 3e 38 2e 34 36 2e 31 32 33 2e 31 38 39 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 73 65 70 61 72 61 74 6f 72 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e Data Ascii: " class="cf-footer-ip-reveal-btn">Click to reveal</button> <span class="hidden" id="cf-footer-ip">8.46.123.189</span> <span class="cf-footer-separator sm:hidden">•</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span
2025-01-14 23:17:33 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:43 UTC	746	OUT	GET /learning/access-management/phishing-attack/ HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://telemgram-rv.org/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:43 UTC	1216	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:43 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Cache-Control: public, max-age=0, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US x-RM: GW X-XSS-Protection: 1; mode=block Set-Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM; path=/; expires=Tue, 14-Jan-25 23:47:43 GMT; domain=.www.cloudflare.com; HttpOnly; Secure; SameSite=None Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXO3G6iIEvgDeMHCoICDyl8SxCo8IyMoXdh0dSuhc0kPNiES65ZgiUiVolcpX%2BHXd8ySARPJXKAfOfewqCgahjLymz2oAk0uQwvuJXrpS6OOx3LD5Zm3Fl1WTI8tbd9nsFEPCQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 90215750dc5042da-EWR alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:43 UTC	153	IN	Data Raw: 37 61 66 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 3e 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 3e 77 69 6e 64 6f 77 2e 72 65 64 77 6f 6f 64 3d 7b 22 63 6f 6e 73 65 6e 74 47 72 6f 75 70 73 22 3a 7b 22 43 30 30 30 31 22 3a 74 72 75 65 2c 22 43 30 30 30 32 22 3a 74 72 75 65 2c 22 43 30 30 30 33 22 3a 74 72 75 65 2c 22 43 30 30 30 34 22 3a 74 72 75 65 7d 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 Data Ascii: 7af1<!DOCTYPE html><html lang="en-us"><head><script>window.redwood={"consentGroups":{"C0001":true,"C0002":true,"C0003":true,"C0004":true},"country":"US
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 22 2c 22 63 6f 6c 6f 22 3a 22 45 57 52 22 2c 22 75 73 65 72 22 3a 6e 75 6c 6c 2c 22 72 76 31 22 3a 22 75 6f 69 22 2c 22 6c 6f 63 61 6c 65 22 3a 22 65 6e 2d 55 53 22 7d 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 76 61 72 20 4f 6e 65 54 72 75 73 74 3d 7b 22 67 65 6f 6c 6f 63 61 74 69 6f 6e 52 65 73 70 6f 6e 73 65 22 3a 7b 22 73 74 61 74 65 43 6f 64 65 22 3a 22 4e 59 22 2c 22 63 6f 75 6e 74 72 79 43 6f 64 65 22 3a 22 55 53 22 7d 7d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 20 63 6f 6e 73 74 20 61 63 63 65 70 74 65 64 4c 6f 63 61 6c 65 73 20 3d 20 5b 0a 20 20 20 20 20 20 27 65 6e 2d 61 75 27 2c Data Ascii: ","colo":"EWR","user":null,"rv1":"uoi","locale":"en-US"}</script> <script type="text/javascript"> var OneTrust={"geolocationResponse":{"stateCode":"NY","countryCode":"US"}} </script> <script> const acceptedLocales = [ 'en-au',
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 2d 75 73 27 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 6c 61 6e 67 50 72 65 66 65 72 65 6e 63 65 20 3d 20 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 27 6c 61 6e 67 50 72 65 66 65 72 65 6e 63 65 27 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 73 70 6c 69 74 50 61 74 68 20 3d 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 70 61 74 68 6e 61 6d 65 2e 73 70 6c 69 74 28 27 2f 27 29 2e 66 69 6c 74 65 72 28 70 61 72 74 20 3d 3e 20 70 61 72 74 20 21 3d 3d 20 27 27 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 73 74 20 63 75 72 72 65 6e 74 4c 61 6e 67 20 3d 20 73 70 6c 69 74 50 61 74 68 5b 30 5d 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 21 Data Ascii: -us') { const langPreference = localStorage.getItem('langPreference').toLowerCase(); const splitPath = window.location.pathname.split('/').filter(part => part !== ''); const currentLang = splitPath[0]; if (!
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 68 20 26 26 20 21 69 67 6e 6f 72 65 4c 69 73 74 2e 69 6e 63 6c 75 64 65 73 28 6d 61 79 62 65 4c 6f 63 61 6c 65 29 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 72 65 70 6c 61 63 65 28 27 68 74 74 70 73 3a 2f 2f 27 20 2b 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 20 2b 20 27 2f 27 20 2b 20 72 65 64 69 72 65 63 74 50 61 74 68 20 2b 20 27 2f 27 20 2b 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 73 65 61 72 63 68 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 7d 0a 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 63 68 61 72 53 65 74 3d 22 75 74 66 2d 38 22 2f 3e 3c 6d 65 74 61 20 68 Data Ascii: h && !ignoreList.includes(maybeLocale)) { window.location.replace('https://' + window.location.hostname + '/' + redirectPath + '/' + window.location.search); } } } } </script><meta charSet="utf-8"/><meta h
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 6f 6e 74 65 6e 74 3d 22 50 68 69 73 68 69 6e 67 20 61 74 74 61 63 6b 73 20 69 6e 76 6f 6c 76 65 64 20 74 72 69 63 6b 69 6e 67 20 61 20 76 69 63 74 69 6d 20 69 6e 74 6f 20 74 61 6b 69 6e 67 20 73 6f 6d 65 20 61 63 74 69 6f 6e 20 74 68 61 74 20 62 65 6e 65 66 69 74 73 20 74 68 65 20 61 74 74 61 63 6b 65 72 2e 20 4c 65 61 72 6e 20 68 6f 77 20 74 6f 20 73 74 6f 70 20 70 68 69 73 68 69 6e 67 20 61 74 74 61 63 6b 73 2e 22 20 64 61 74 61 2d 67 61 74 73 62 79 2d 68 65 61 64 3d 22 74 72 75 65 22 2f 3e 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 69 64 3d 22 6f 67 2d 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 57 68 61 74 20 69 73 20 61 20 70 68 69 73 68 69 6e 67 20 61 74 74 61 63 6b 3f 22 20 64 61 74 61 2d 67 61 74 73 62 79 2d Data Ascii: ontent="Phishing attacks involved tricking a victim into taking some action that benefits the attacker. Learn how to stop phishing attacks." data-gatsby-head="true"/><meta property="og:title" id="og-title" content="What is a phishing attack?" data-gatsby-
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 31 30 30 30 70 78 29 7b 2e 73 74 69 63 6b 79 2d 72 69 63 68 2d 74 65 78 74 2d 72 65 6e 64 65 72 65 72 7b 6d 61 78 2d 68 65 69 67 68 74 3a 37 30 30 70 78 3b 6f 76 65 72 66 6c 6f 77 2d 79 3a 73 63 72 6f 6c 6c 3b 70 6f 73 69 74 69 6f 6e 3a 73 74 69 63 6b 79 3b 74 6f 70 3a 31 35 30 70 78 7d 7d 2e 62 72 2d 63 68 65 63 6b 62 6f 78 7b 2d 77 65 62 6b 69 74 2d 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 3b 75 73 65 72 2d 73 65 6c 65 63 74 3a 6e 6f 6e 65 7d 2e 62 72 2d 63 68 65 63 6b 62 6f 78 20 69 6e 70 75 74 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 2e 62 72 2d 63 68 65 63 6b 62 6f 78 20 69 6e 70 75 74 3a 63 68 65 63 6b 65 64 7e 2e 63 68 65 63 6b 6d 61 72 6b 7b 62 61 63 6b 67 72 Data Ascii: ia screen and (min-width:1000px){.sticky-rich-text-renderer{max-height:700px;overflow-y:scroll;position:sticky;top:150px}}.br-checkbox{-webkit-user-select:none;user-select:none}.br-checkbox input{cursor:pointer}.br-checkbox input:checked~.checkmark{backgr
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 6e 74 2d 72 65 73 6f 75 72 63 65 2d 63 61 72 64 2d 73 68 61 64 6f 77 7b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 34 70 78 20 31 30 70 78 20 23 30 30 30 30 30 30 31 66 7d 2e 65 6c 65 6d 65 6e 74 2d 72 65 73 6f 75 72 63 65 2d 63 61 72 64 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 36 35 70 78 7d 2e 65 6c 65 6d 65 6e 74 2d 72 65 73 6f 75 72 63 65 2d 63 61 72 64 20 2e 72 6f 77 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 2e 65 6c 65 6d 65 6e 74 2d 72 65 73 6f 75 72 63 65 2d 63 61 72 64 20 2e 6c 65 61 72 6e 2d 6d 6f 72 65 7b 61 6c 69 67 6e 2d 73 65 6c 66 3a 66 6c 65 78 2d 73 74 61 72 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 34 70 78 3b 6c 65 74 74 65 72 2d 73 70 61 63 69 6e 67 3a 2d Data Ascii: nt-resource-card-shadow{box-shadow:0 4px 10px #0000001f}.element-resource-card{height:100%;min-height:165px}.element-resource-card .row{height:100%;min-height:inherit}.element-resource-card .learn-more{align-self:flex-start;font-size:14px;letter-spacing:-
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 6f 75 73 65 6c 2d 77 72 61 70 70 65 72 20 2e 73 6c 69 64 65 7b 6d 61 72 67 69 6e 3a 32 34 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 37 35 30 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 31 70 78 29 7b 2e 62 6c 61 64 65 2d 63 61 72 64 2d 63 61 72 6f 75 73 65 6c 2d 77 72 61 70 70 65 72 20 2e 73 6c 69 64 65 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 62 6c 61 64 65 2d 63 61 72 64 2d 63 61 72 6f 75 73 65 6c 2d 77 72 61 70 70 65 72 20 2e 73 6c 69 64 65 3a 66 69 72 73 74 2d 63 68 69 6c 64 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 31 32 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 7d 2e 62 6c 61 64 65 2d 63 61 72 64 2d 63 61 72 6f 75 73 65 6c 2d 77 72 61 70 70 65 72 Data Ascii: ousel-wrapper .slide{margin:24px!important}@media (min-width:750px) and (max-width:1001px){.blade-card-carousel-wrapper .slide{margin-left:0!important}.blade-card-carousel-wrapper .slide:first-child{margin-left:12px!important}}.blade-card-carousel-wrapper
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 65 72 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 2e 66 65 61 74 75 72 65 73 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 7b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 2d 72 65 76 65 72 73 65 3b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 34 38 70 78 7d 2e 62 6c 61 64 65 2d 66 75 6c 6c 2d 77 69 64 74 68 2d 68 65 72 6f 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 2e 66 65 61 74 75 72 65 73 2d 69 6d 61 67 65 2d 77 72 61 70 70 65 72 20 2e 66 65 61 74 75 72 65 73 2d 69 6d 61 67 65 7b 6f 72 64 65 72 3a 32 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 33 32 30 30 70 78 29 7b 2e 62 6c 61 64 65 2d 66 75 6c 6c 2d 77 69 64 74 68 Data Ascii: ero-background-image-wrapper .features-image-wrapper{display:flex;flex-direction:column-reverse;margin-bottom:48px}.blade-full-width-hero-background-image-wrapper .features-image-wrapper .features-image{order:2}}@media (min-width:3200px){.blade-full-width
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 3a 33 30 38 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 68 65 72 6f 2d 6d 65 64 69 61 20 69 6d 67 2c 2e 68 65 72 6f 2d 6d 65 64 69 61 20 76 69 64 65 6f 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 68 65 72 6f 2d 73 65 63 74 69 6f 6e 2d 62 6f 74 74 6f 6d 20 2e 63 6f 6c 7b 70 61 64 64 69 6e 67 3a 30 7d 2e 68 65 72 6f 2d 70 72 6f 6d 6f 74 69 6f 6e 61 6c 2d 62 61 6e 6e 65 72 2d 77 72 61 70 70 65 72 7b 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 38 70 78 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 34 70 78 20 31 32 70 78 20 30 20 23 30 30 30 30 30 30 31 66 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 7d 2e 68 65 72 6f 2d 70 72 6f 6d 6f 74 69 6f 6e 61 6c 2d Data Ascii: :308px;overflow:hidden;position:relative}.hero-media img,.hero-media video{height:100%;width:100%}.hero-section-bottom .col{padding:0}.hero-promotional-banner-wrapper{border-radius:8px;box-shadow:0 4px 12px 0 #0000001f;position:relative}.hero-promotional-

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report http://telemgram-rv.org/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Dropped Files

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Networking

System Summary

Boot Survival

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Chrome Cache Entry: 164

Chrome Cache Entry: 165

Chrome Cache Entry: 166

Chrome Cache Entry: 167

Chrome Cache Entry: 168

Chrome Cache Entry: 169

Chrome Cache Entry: 170

Chrome Cache Entry: 171

Chrome Cache Entry: 172

Chrome Cache Entry: 173

Chrome Cache Entry: 174

Chrome Cache Entry: 175

Chrome Cache Entry: 176

Chrome Cache Entry: 177

Windows Analysis Report
http://telemgram-rv.org/

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:43 UTC	885	OUT	GET /img/learning/security/threats/phishing-attack/diagram-phishing-attack.png HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:43 UTC	904	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:43 GMT Content-Type: image/webp Content-Length: 28858 Connection: close Accept-Ranges: bytes ETag: "f881ce0909c7585c5f12986f7499f9db" Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US X-XSS-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cdffrfjDAZJqGOR8WOK5IxfyKHWJwZ7r741KyfT0whN%2FJGgqeFycD1Biz4f1A4raGkSC0xdN1eQWp5zxaTN8ypby9PAw1jdeK4AdlQ6eExp6JYUUlGV%2B1tgVgCX6T1F4CU35Cg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9021575459bf335a-EWR alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:43 UTC	465	IN	Data Raw: 52 49 46 46 b2 70 00 00 57 45 42 50 56 50 38 4c a6 70 00 00 2f 72 c8 19 11 8f e4 2a b6 6d a7 59 08 c2 08 fe 55 f0 0f 29 b7 a5 c7 02 83 b6 91 1c f9 3b e0 27 f8 58 1e c5 b5 dd 65 dc b6 6d 20 76 8f bb 71 6e ff 61 ee 95 b6 4e dc d6 da f6 24 0f 39 c3 47 49 cd 00 8e a7 9d b5 f3 b8 88 0b e4 58 92 73 4a 30 35 1b 0a e4 7f 3a e7 1d 63 fb 5d 43 57 c0 35 e7 4d 3b 87 8a 7b ae d9 21 2e c8 f1 c0 03 39 72 e4 c8 66 1b 6c e8 68 ee 63 53 75 97 49 da 62 11 f3 50 19 72 85 8a 4b 45 a8 15 ec 4d 2d e4 ba 54 84 5a a1 a3 89 da 2c b1 e8 6c 72 85 ce 66 8e 90 6d 18 43 d9 f4 80 42 cc 83 c2 7d 1e 8e fe 13 73 ff 3b 3b b9 f5 62 6a 4e 31 ce fe de 37 58 51 61 45 89 05 13 7a cc a8 31 a1 c1 88 16 03 56 0c e8 d1 a3 c3 80 16 23 1a 4c a8 31 63 41 8b 05 25 56 14 d8 8e 77 1d f6 f8 6d d8 b0 21 10 Data Ascii: RIFFpWEBPVP8Lp/r*mYU);'Xem vqnaN$9GIXsJ05:c]CW5M;{!.9rflhcSuIbPrKEM-TZ,lrfmCB}s;;bjN17XQaEz1V#L1cA%Vwm!
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: ff ff e5 38 ad 1e f6 7d 2b 69 b9 cf be d0 d0 86 10 6e 09 a1 97 d0 a4 21 e4 d9 ea da be f5 f8 e2 49 31 e2 da c4 35 d7 72 d3 24 0d b4 21 0b 49 cb 2b 84 2c 24 2f f2 2f 8f ce f9 fd 7e e7 a7 23 cd 48 d6 98 d1 e8 8c 74 a4 91 ac 88 fe 53 a0 6d ab 6e 1b 1d a4 ca fa fa c1 4c 23 02 88 87 9e 64 ab cb 92 6d bb 8d 24 49 0b e9 15 a9 a9 d6 62 54 bd 94 1e 75 6f 39 ab 9d 7c 00 69 74 02 04 1d 55 ed 5e e1 e6 91 22 22 fa 4f 01 92 24 41 6d 54 87 8c 40 c8 b1 b3 67 fd a1 59 d8 86 86 81 0f 6f b7 6d 67 a9 ad 6d db 7f 67 4f 44 99 ea 82 bf 6c c6 e8 19 30 59 e5 e0 d8 af 29 f4 48 82 51 88 e8 3f 25 48 92 24 49 91 55 cf 3d 80 65 b2 87 4b 0d 95 91 1d cd 7c 76 6d c7 e1 5e f8 4f fa 4f fa 4f fa 4f fa 4f fa cf 0b ff b9 39 c4 1f 66 ec 07 a1 c2 9f ac b5 2f fc c7 38 33 76 79 db 0d 7e 6f ed 9c Data Ascii: 8}+in!I15r$!I+,$//~#HtSmnL#dm$IbTuo9\|itU^""O$AmT@gYomgmgODl0Y)HQ?%H$IU=eK\|vm^OOOOO9f/83vy~o
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: e7 59 40 9f 6e a7 00 d5 a3 ab 1c 3b e3 94 3d 96 72 8a 10 eb 8e 10 4f 70 72 21 12 63 0c da 94 51 27 37 28 26 15 97 91 a4 2e 45 b1 5b 63 94 27 3b 76 06 6e 1c 29 45 70 86 a8 88 2b c8 58 3a 8d e0 77 35 df 3c 1e a0 4f 45 dc e2 58 d2 7f 5e f8 4f fa 4f fa 4f fa 4f fa 8f 2e fd 1f 5f cd ff f8 e3 c9 b4 1a b2 9d 72 be fd 9a 05 47 53 57 43 b3 74 6f ce 88 e3 87 62 38 96 ea c3 59 71 fc 32 1d 8a ed 03 e7 c6 31 de b2 32 1c fa 1f f5 f3 47 82 ac cf 32 bb b5 74 3a 2e e5 ba c6 68 14 32 8c 02 ae 22 ae 9c 21 34 c5 16 12 de 99 cf 6a 8c 46 21 c3 28 e0 22 a2 f9 35 4b 8e 7a 8b 0b 36 a3 e7 d3 a4 0c 1e 1f e7 73 41 d1 85 79 42 b6 85 34 68 15 47 96 98 49 71 34 0a 19 26 af b6 5b 46 23 0b 67 0a df 6d 95 2d 32 c7 4c a6 0d ec 5e dd 7a 72 ed 5c e1 a7 2d 32 56 2d 2f b9 0d 20 b9 dd 92 22 cc Data Ascii: Y@n;=rOpr!cQ'7(&.E[c';vn)Ep+X:w5<OEX^OOOO._rGSWCtob8Yq212G2t:.h2"!4jF!("5Kz6sAyB4hGIq4&[F#gm-2L^zr\-2V-/ "
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: ad 58 09 0e b3 49 5f 9e 3f 1d 65 fc ae 7c 12 53 d1 04 07 7b 37 d1 4b f5 83 6f 46 03 7b 5a c4 51 cc 04 88 6e 82 97 aa f5 d5 0a a4 4f e3 27 ca 20 31 9b 70 24 18 db f1 6d 81 71 dc 44 37 48 d8 32 a1 cb 4e a3 50 44 24 7f 6a 27 53 c1 ed 58 5b e7 0a 02 e6 8f e3 25 da 40 71 2b 91 4b 95 53 23 2f f5 b7 b4 e8 cb 74 f2 03 75 d1 a7 41 c2 95 0e 5b 3b 9f c4 65 4c 5a ab 69 15 2b 36 ad c6 3f 92 84 7d f6 38 3e a2 1b 2c ec bd c4 2d c5 98 56 cb 87 6f 35 87 4c 62 23 66 03 c6 ad a4 2d 8f 1b 42 3e ce 13 ce b2 ae 04 a1 7f 2c 02 82 2f 1d b6 b6 4d d8 f2 84 70 a5 55 a6 dc 72 e3 2f 9a c7 b1 10 dd a0 61 cb 44 2d 35 9e 38 22 98 55 d2 e7 17 a3 6f 63 20 36 6d e0 e8 26 69 69 d1 ed 4c 35 29 f6 3a 8e 7f 58 09 1e b3 c9 59 9e 63 9a 6a 47 4f f4 b9 04 60 4f 63 1f 6e 06 0f bb 92 94 a5 28 75 2a Data Ascii: XI_?e\|S{7KoF{ZQnO' 1p$mqD7H2NPD$j'SX[%@q+KS#/tuA[;eLZi+6?}8>,-Vo5Lb#f-B>,/MpUr/aD-58"Uoc 6m&iiL5):XYcjGO`Ocn(u*
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 91 71 65 ab 1b 16 dd 1f 54 06 fb 25 2e a7 be bb 0b f2 ec 08 06 5a d0 54 9b 6a 40 be 36 71 18 cf b9 ab 3d 7f cc c1 af bc 49 3a 3f e9 86 45 f7 07 94 c1 49 79 9d d4 7f ae 03 1b 89 5e a0 87 d3 1a 4d aa 01 79 64 62 31 a6 ec 55 90 3e 63 18 e7 2e b8 12 6f b0 66 ed a0 32 38 c4 58 f9 d8 ef 3c f1 de 60 19 1c 8d 5e 10 62 29 1a 28 c9 cf ca 2f 4d 24 e3 9b 29 e4 3e 7e 18 8a 4c d8 ab 03 7b c2 50 1b 08 77 22 4d 15 6b b0 88 33 38 b4 d7 63 8f 34 9f a1 7f 6d b7 00 cb e0 40 f4 82 90 17 b3 e3 4b 8f e7 0a 61 44 b2 d6 30 8e f3 30 e4 07 f0 a4 59 f4 18 fc c4 1e 72 53 cd b0 ee fe e0 d0 5e 8f e3 6c 5b 79 e7 e5 42 84 67 23 a7 a2 1b fe 56 0c 82 96 7d c5 89 68 5d 08 f2 13 5c 80 54 8b d9 96 df bb 71 06 f3 61 84 bd 1d 2e e3 d7 55 79 f3 a5 dd 2c 5c 91 47 23 17 a4 e3 6a 3f c9 f9 c1 8e f0 Data Ascii: qeT%.ZTj@6q=I:?EIy^Mydb1U>c.of28X<`^b)(/M$)>~L{Pw"Mk38c4m@KaD00YrS^l[yBg#V}h]\Tqa.Uy,\G#j?
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: ad 55 1e b9 2c fb 34 47 88 6c 7d d8 9f 7e 75 33 d9 ef bc d0 5f 62 80 d3 af 5e 5b 50 cf 32 31 45 37 84 1a 22 b6 b2 8b 21 bb e9 56 11 9c 05 cf eb c2 19 69 c9 c8 05 a1 12 10 aa 93 ba 52 75 3f f8 b5 2c fe 57 30 91 ad 0f 0a 7a 2c f8 0b 7d da 14 df 35 85 22 27 11 1c 9e 58 cc fc bd 5d 01 5f 49 f9 83 a2 30 51 8e 0f e9 8f 7c b5 00 6f e8 c1 35 79 4e e4 42 4a 3c 61 38 59 a7 af c9 35 af 93 0f ee fd 30 87 88 6a 7d 18 f2 ad 92 f8 17 4e e3 d8 51 6a 99 ba 89 e8 dc 9d e5 3b 1b b7 8d 10 59 60 7e b2 c9 17 ff 2a 46 41 99 71 99 0f 9e f1 93 91 0b ac 12 10 25 f7 88 d6 2b 54 c0 9e dd 6f 22 17 05 5c d7 fa c3 d0 37 18 54 3f dd 6f 49 48 a0 4e b3 3c 72 c3 99 51 33 bf 06 54 17 12 e0 b7 23 56 f8 31 e1 49 87 b9 ab bb dd 27 25 ce 68 c1 8d d3 72 8b 4b 23 18 5f 53 35 c2 f9 d7 e4 f4 2f 01 Data Ascii: U,4Gl}~u3_b^[P21E7"!ViRu?,W0z,}5"'X]_I0Q\|o5yNBJ<a8Y50j}NQj;Y`~*FAq%+To"\7T?oIHN<rQ3T#V1I'%hrK#_S5/
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 7d 3b bb 74 fe cc 6e c2 ed 0c 96 10 22 56 c4 37 9d f8 16 ee 9f 3d 8f fa 98 7b 23 5d 18 28 6c 7d 7d 92 7a 2b 2c 9e 3e 07 de af 71 e8 7d 85 95 18 22 2e 78 38 3f 6b c4 2f b0 0c bf 9a c8 8f d9 bc d5 f7 b6 71 d7 04 d0 1d dd bb 9b d1 ed 1c 37 26 41 44 6c 02 f1 e5 70 14 03 60 cc da 7c 5f e3 66 40 8d 51 7a ea f0 1e b6 57 47 8d 49 16 11 7f d0 92 58 e2 66 fc de bc dd bf 36 99 8f 4c 60 dd a9 23 3b 1c ec eb bd 4a 88 30 d0 dd d8 c4 00 00 67 39 db a7 d6 0a fa 85 e9 a9 55 ef 36 d2 ea e0 09 63 92 48 98 1f 34 ef f5 c7 f9 3e 99 bd bd 19 06 77 8d f1 01 f2 3b ed 1c ac 8d 31 09 12 86 b9 1b 9b 00 e0 7a 9f e4 77 42 e3 93 9f 70 e2 c8 41 ec c8 99 ca 1c 2a bd 33 8f 4c 96 30 ca dd d8 c4 0e 18 33 ea 23 6f b7 b8 62 42 c6 9d 3a de b6 47 0e 8f 8f b6 ad 74 5c 4c c2 09 f3 bd a6 5f d8 68 Data Ascii: };tn"V7={#](l}}z+,>q}".x8?k/q7&ADlp`\|_f@QzWGIXf6L`#;J0g9U6cH4>w;1zwBpA*3L03#obB:Gt\L_h
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 41 c5 7d 0b 4f 89 ac 2b cd b3 dc 97 a4 85 26 71 a6 ee c6 ae a1 0a 17 e9 17 c8 d9 92 44 46 aa 9b 69 87 f2 5f b5 ba 4b 70 37 4b 56 f1 ef 2c f0 5c fd d0 6d 04 16 df 59 a0 5d f7 ae c2 8f 27 97 05 29 ba 54 0f 7f 2c 1f 71 2f 0d 8b b8 6a 5e 34 93 d2 bf f8 c9 5a 0d 5c 6d 85 a2 d8 a9 ef 99 ed 38 dc 0b ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 49 ff 79 e1 3f e9 3f e9 3f e9 3f e9 3f e9 3f e9 3f 2f fc e7 56 18 ef 5b cf fd 21 49 cc b2 b5 b6 70 fd 92 36 79 8c b3 6e 07 e2 b7 bd c7 1f ad e8 e6 92 e9 74 ac e7 96 68 c2 54 d0 73 a0 97 17 48 da 38 87 d4 4a 6e 35 91 8e 23 ee 52 5c 18 d7 0a 38 31 1e ae 95 49 13 e9 ac 4b bf c5 d2 a2 3f 31 de 88 03 30 e7 92 52 03 1d 92 28 3a 4c 4e f8 8e a6 e2 0f 7f a5 02 a8 b4 fd 4f ac b4 48 65 01 d7 e2 31 73 02 f9 8c 2e 24 Data Ascii: A}O+&qDFi_Kp7KV,\mY]')T,q/j^4Z\m8IIIIIIIIIIIy???????/V[!Ip6ynthTsH8Jn5#R\81IK?10R(:LNOHe1s.$
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: ee 2a 2e 37 36 de 83 37 65 e4 8a 11 a0 d5 54 6a 20 47 6d 0c 59 94 56 f8 5f bd 14 cb 33 cd a1 71 12 47 fa ab 53 38 ee 2e 1a 4d 86 c5 f8 5d 59 d0 52 68 a5 3a 46 52 74 74 09 af f8 40 69 57 c1 36 36 ad d8 8e c3 bd f0 9f f4 9f f4 9f f4 9f f4 9f f4 9f f4 9f 17 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe 93 fe e3 6e 9c 3c 7e ec b0 e8 ea 36 df 06 83 13 47 0e ee c3 bf 6e ed a7 93 6c 1b 0b ea e9 5e 85 6f 5d fb 7a 7b 8a 5c 9c 43 95 fa 77 bd fe 76 13 1c df 5f 70 38 d3 6e 33 f1 8a cb a5 db 46 bc c8 81 57 3c 0b 64 db 42 30 2e 48 ee cc 39 cf 9d a5 89 34 de 06 e2 68 dc 94 f4 a0 29 81 1e ab 2d 3b d9 d4 34 f8 4a db 3d 4c 3c 8a 1d 1e 93 4f af bf c7 f2 3c 6d 29 b7 75 e0 20 f2 38 4b b9 a8 f2 20 38 2a 2e 8d 60 11 0f 6e df c0 29 f8 dd 9a 2b Data Ascii: .767eTj GmYV_3qGS8.M]YRh:FRtt@iW66n<~6Gnl^o]z{\Cwv_p8n3FW<dB0.H94h)-;4J=L<O<m)u 8K 8.`n)+
2025-01-14 23:17:43 UTC	1369	IN	Data Raw: 6c 8f 85 f3 c1 c8 b2 5c 4b b2 e9 97 3b 2e f1 b6 36 fd f5 38 52 83 2d 97 5e 17 eb 4d 7b 97 87 49 10 9a a2 92 70 d3 2f 77 4a 3e 79 16 d6 9e a7 50 df 49 87 fc ce 46 75 5a d1 e3 cd 94 87 71 10 9a a2 92 74 d3 2f b7 47 3a f3 6a 96 9e f5 1c ac f7 c4 91 e9 87 a9 22 2f 0b 07 81 31 71 2d 38 ad 5f ba 9b 58 d3 2f 77 40 3a 8e 40 97 3e 3d 2b 6d 2b 8e 84 63 da 7b dc 68 6d d8 80 a4 9b 7e b9 23 0c b5 25 bc 05 a8 90 e3 9c 73 38 6e a5 12 5a 82 c0 c6 8d 40 14 93 8a a5 f4 cb b9 ea 9c 90 ef fe a6 a0 b8 57 94 9b 5c da c6 ad fc 46 48 3d 64 23 0d d6 df ad 95 59 58 bf 5c 34 fb 42 ae 52 a0 8f 95 5c 9e 13 b3 f2 5b a1 ed 29 e1 42 d2 4d bf dc 41 f9 48 02 66 54 c7 a7 31 2b 6f 16 3d de 81 09 81 e3 cf 93 6e fa e5 8e 49 5c d0 82 0b 12 75 bc ca bb c0 b4 30 59 2d f1 a6 5f 6e af ac 6e 4b 8b Data Ascii: l\K;.68R-^M{Ip/wJ>yPIFuZqt/G:j"/1q-8_X/w@:@>=+m+c{hm~#%s8nZ@W\FH=d#YX\4BR\[)BMAHfT1+o=nI\u0Y-_nnK

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	834	OUT	GET /img/privacyoptions.svg HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	900	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: image/svg+xml Transfer-Encoding: chunked Connection: close ETag: W/"5a8d3dae7c1ddd64826cea94a93139d4" Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US X-XSS-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQ07ocOn3qcyAyMUiOBKadKC6BREaOzVYiT0UxLrWEsC4IAkFwDAMXRLKByY6WwUk%2FzzhSFHtLNN%2FbfC94UuhJF3muW37uWQJHpm%2BjFoCI%2B%2Bwgq5YN3x%2FDtCq47TPcpIQImHGQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 902157575df60f3b-EWR alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 37 30 31 0d 0a 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0a 3c 21 2d 2d 20 47 65 6e 65 72 61 74 6f 72 3a 20 41 64 6f 62 65 20 49 6c 6c 75 73 74 72 61 74 6f 72 20 32 34 2e 33 2e 30 2c 20 53 56 47 20 45 78 70 6f 72 74 20 50 6c 75 67 2d 49 6e 20 2e 20 53 56 47 20 56 65 72 73 69 6f 6e 3a 20 36 2e 30 30 20 42 75 69 6c 64 20 30 29 20 20 2d 2d 3e 0a 3c 73 76 67 20 76 65 72 73 69 6f 6e 3d 22 31 2e 31 22 20 69 64 3d 22 4c 61 79 65 72 5f 31 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 78 6d 6c 6e 73 3a 78 6c 69 6e 6b 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 6c 69 6e 6b 22 20 78 3d 22 30 70 78 Data Ascii: 701<?xml version="1.0" encoding="utf-8"?>... Generator: Adobe Illustrator 24.3.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --><svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px
2025-01-14 23:17:44 UTC	431	IN	Data Raw: 2e 32 2c 30 2e 32 2d 30 2e 36 2c 30 2e 32 2d 30 2e 38 2c 30 63 2d 30 2e 32 2d 30 2e 32 2d 30 2e 32 2d 30 2e 36 2c 30 2d 30 2e 38 6c 30 2c 30 4c 32 30 2e 38 2c 37 6c 2d 32 2e 32 2d 32 2e 32 63 2d 30 2e 32 2d 30 2e 32 2d 30 2e 32 2d 30 2e 36 2c 30 2d 30 2e 38 0a 09 09 09 09 09 63 30 2e 32 2d 30 2e 32 2c 30 2e 36 2d 30 2e 32 2c 30 2e 38 2c 30 6c 30 2c 30 6c 32 2e 32 2c 32 2e 32 4c 32 33 2e 38 2c 34 43 32 34 2c 33 2e 38 2c 32 34 2e 34 2c 33 2e 38 2c 32 34 2e 36 2c 34 7a 22 2f 3e 0a 09 09 09 09 3c 70 61 74 68 20 69 64 3d 22 79 22 20 63 6c 61 73 73 3d 22 73 74 33 22 20 64 3d 22 4d 31 32 2e 37 2c 34 2e 31 63 30 2e 32 2c 30 2e 32 2c 30 2e 33 2c 30 2e 36 2c 30 2e 31 2c 30 2e 38 6c 30 2c 30 4c 38 2e 36 2c 39 2e 38 43 38 2e 35 2c 39 2e 39 2c 38 2e 34 2c 31 30 2c 38 Data Ascii: .2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z"/><path id="y" class="st3" d="M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8
2025-01-14 23:17:44 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	858	OUT	GET /slt3lc6tev37/2fMg89go9MegG1EDg39mNy/5a42817cd388ae352f77f56e53b1ff81/card-new.png HTTP/1.1 Host: cf-assets.www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	854	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: image/webp Content-Length: 2784 Connection: close CF-Ray: 902157578b75de97-EWR CF-Cache-Status: HIT Accept-Ranges: bytes Age: 25232 Cache-Control: max-age=604800 Content-Disposition: inline; filename="card-new.webp" ETag: "f4eb2a2f745f8799e3e6f6478ab2305d" Last-Modified: Wed, 21 Aug 2024 18:12:19 GMT Vary: Accept Cf-Bgj: imgq:85,h2pri Cf-Polished: origFmt=png, origSize=3908 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIJE5GJzItkZfaFSGAuIVP67h%2BVybuuiFyjeT6XSYXk3eloKSkWD9TuwP810sy%2BMJGfCJ1UNBFeaB96iHuE0cGKef5L3OCwiNBr963c28pVfdQrCT4fYvstYVWVVnUL65bkTvtWd6IhwL%2BFC%2FxE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:44 UTC	515	IN	Data Raw: 52 49 46 46 d8 0a 00 00 57 45 42 50 56 50 38 4c cc 0a 00 00 2f 36 41 2b 10 19 45 6d db 40 ca 3b e5 cf 78 27 82 88 fe a7 7c aa 82 85 6c 14 b4 6d c3 18 44 f9 b3 ed 0e 03 c2 6c a3 22 ec 79 fe 64 87 22 16 4c f1 ce 70 ea bf c2 b6 6d 90 c2 78 8f a0 19 e1 43 91 fa 33 06 70 5d b2 c4 db 6d db 7a db d6 b6 36 41 8a ce ff ff 15 f9 b8 7e 5e 5e 31 59 8a 8c 97 89 f1 32 99 8f 1d ea 22 3b 0d 2d aa 38 6c db 46 92 e8 fb af ff 76 07 23 c8 91 24 29 92 3c 97 05 da 83 e7 e9 2f 0f 63 38 a8 ad 2d 68 ae 0d 8c 40 83 11 61 24 d8 9a e8 12 08 0d a4 89 26 70 11 fe 08 44 20 02 2d da 76 eb b6 91 d4 76 3c 12 20 5f 00 97 97 20 f3 fc 2e 2c 00 7e ef fe 1e ec 73 ed ff 7b b5 84 2d e7 15 30 38 8b 81 e5 29 58 9f 32 c2 35 00 98 bf 01 57 80 14 31 0d 91 16 d0 06 a2 b4 b8 3e 4f ad 30 26 00 fe d7 cb Data Ascii: RIFFWEBPVP8L/6A+Em@;x'\|lmDl"yd"LpmxC3p]mz6A~^^1Y2";-8lFv#$)</c8-h@a$&pD -vv< _ .,~s{-08)X25W1>O0&
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: b1 d5 84 d9 ec f5 9c 41 af 57 ae 52 21 e0 de 8e 8a 39 f8 ce f4 93 98 03 b1 27 be e9 17 05 01 a9 49 f7 14 ed db 98 2d 4d ff 30 bb 7e a5 8e da de 49 92 02 08 58 cc 89 33 22 e1 5d 62 29 d1 a2 06 92 a0 26 89 a5 bd 80 de 28 84 7b 53 45 e6 b6 61 65 ad a9 f8 9d dc 3b 00 a7 b6 6d 4d b3 14 64 36 ed a4 fa da c2 6b b4 e5 d4 d6 96 da 4c a5 94 3d 50 83 bd 15 d5 bf 10 4d a7 97 2e ea 1f 03 f5 81 fb 36 c4 ec ca 6c ca 7e d0 64 df 0e b1 62 f3 e4 90 4b 3e 33 ab 4e bb 7a d2 2e 34 ad 64 ca 75 38 c6 2d 7e 64 9e ec a6 a8 99 4a 14 7b a6 3a fb 66 d8 0d d8 d5 8c 2c a2 d2 66 0e 85 db b0 ec 3e a9 b8 29 84 b5 85 cd 16 5f 85 09 90 21 c8 15 11 61 94 da ef 2e c3 9a 39 15 9f fe c8 e9 9e 46 35 89 01 bd 19 e1 47 f7 de b0 98 21 a9 0d 80 89 34 2c 64 d3 e0 35 9a 65 37 43 1b 3a 75 46 14 03 70 Data Ascii: AWR!9'I-M0~IX3"]b)&({SEae;mMd6kL=PM.6l~dbK>3Nz.4du8-~dJ{:f,f>)_!a.9F5G!4,d5e7C:uFp
2025-01-14 23:17:44 UTC	900	IN	Data Raw: 45 8e cd 08 f7 ad 21 48 ba 99 f2 39 3f 8f ef 0b 1e 2d c1 58 af 79 a5 ee 8c e6 e8 dc e1 e3 fb 07 68 f5 51 e8 4d 29 50 c5 8d 14 83 f9 f1 fa be 80 76 d4 e6 06 20 aa e8 dd 06 53 30 d8 7c 97 51 32 c2 77 f3 56 c5 0d 93 cf 16 24 af fb c1 18 1f ba 96 74 cb e4 73 ed 38 2e 71 bc c2 7c b0 5f ea bc 18 58 82 79 dc 8f 23 cc 0f 4d a1 2a cc 78 18 3d ab 09 14 fd 82 2f 30 d0 0f 9a 11 e4 23 06 dd d5 12 7e bf 35 67 19 cc 30 22 fd 68 1e 29 34 39 bb b1 4b f8 38 c7 a5 39 4b b0 9f 65 24 28 b2 d4 f5 02 0c 3f ce cd 17 67 39 8b 72 0a ea bf 7c 6e 46 73 9c e2 d2 9c 04 18 30 bb 17 e7 e8 91 18 c4 aa f3 e3 e3 1c 0f 80 1b ec fd 16 be b7 45 0c d6 71 3c be 3e d6 7d 83 d8 54 dc 2e 5b 80 c7 f9 f2 26 f7 a8 bf 9e 61 9a 71 9f 71 79 fd f8 fa 3a 0b 11 f5 55 b2 65 14 91 08 f6 71 2a af 27 c0 56 8c Data Ascii: E!H9?-XyhQM)Pv S0\|Q2wV$ts8.q\|_Xy#Mx=/0#~5g0"h)49K89Ke$(?g9r\|nFs0Eq<>}T.[&aqqy:Ueq'V

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	815	OUT	GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	764	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: application/javascript Content-Length: 12332 Connection: close Last-Modified: Tue, 07 Jan 2025 14:32:14 GMT ETag: "677d3aee-302c" Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lre9DL7%2BXlh5%2F8vgl2JuXt5eyw0paj2eusjfkhwVcHR3TQnEt3x7iny%2FP6osnq408vc9THl%2FlAd2oWNMxHj806BY3z6IwCO%2BOatvVBF0JoKD%2BwM6Ly8CXgnQmJBN0D5cqx9d5g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 902157579ed9c33c-EWR X-Frame-Options: DENY X-Content-Type-Options: nosniff Expires: Thu, 16 Jan 2025 23:17:44 GMT Cache-Control: max-age=172800 Cache-Control: public Accept-Ranges: bytes
2025-01-14 23:17:44 UTC	605	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 72 65 74 75 72 6e 22 63 66 2d 6d 61 72 6b 65 72 2d 22 2b 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2e 74 6f 53 74 72 69 6e 67 28 29 2e 73 6c 69 63 65 28 32 29 7d 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 74 5b 65 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 65 5d 3b 28 6e 3d 63 6f 6e 73 6f 6c 65 2e 77 61 72 6e 7c 7c 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 2e 63 61 6c 6c 2e 61 70 70 6c 79 28 6e 2c 5b 63 6f 6e 73 6f 6c 65 2c 22 5b 52 4f 43 4b 45 54 20 4c 4f 41 44 45 52 5d 20 22 5d 2e 63 6f 6e 63 61 74 28 74 29 29 3b 76 61 72 20 6e 7d 66 75 6e 63 Data Ascii: !function(){"use strict";function t(){return"cf-marker-"+Math.random().toString().slice(2)}function e(){for(var t=[],e=0;e<arguments.length;e++)t[e]=arguments[e];(n=console.warn\|\|console.log).call.apply(n,[console,"[ROCKET LOADER] "].concat(t));var n}func
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 63 74 69 6f 6e 20 63 28 74 29 7b 72 65 74 75 72 6e 20 61 28 74 2c 22 22 29 7d 66 75 6e 63 74 69 6f 6e 20 73 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 69 66 28 65 28 29 2c 74 29 72 65 74 75 72 6e 20 74 2e 63 61 6c 6c 28 74 68 69 73 2c 6e 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 75 28 74 2c 65 29 7b 74 2e 6f 6e 6c 6f 61 64 3d 73 28 74 2e 6f 6e 6c 6f 61 64 2c 65 29 2c 74 2e 6f 6e 65 72 72 6f 72 3d 73 28 74 2e 6f 6e 65 72 72 6f 72 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 70 28 74 29 7b 76 61 72 20 65 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 4e 53 28 74 2e 6e 61 6d 65 73 70 61 63 65 55 52 49 2c 22 73 63 72 69 70 74 22 29 3b 65 2e 61 73 79 6e 63 3d 74 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 61 73 79 6e Data Ascii: ction c(t){return a(t,"")}function s(t,e){return function(n){if(e(),t)return t.call(this,n)}}function u(t,e){t.onload=s(t.onload,e),t.onerror=s(t.onerror,e)}function p(t){var e=document.createElementNS(t.namespaceURI,"script");e.async=t.hasAttribute("asyn
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 65 28 52 29 3b 69 66 28 21 65 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 76 61 72 20 6e 3d 65 2e 73 70 6c 69 74 28 54 29 3b 72 65 74 75 72 6e 7b 6e 6f 6e 63 65 3a 6e 5b 30 5d 2c 68 61 6e 64 6c 65 72 50 72 65 66 69 78 4c 65 6e 67 74 68 3a 2b 6e 5b 31 5d 2c 62 61 69 6c 6f 75 74 3a 21 74 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 64 65 66 65 72 22 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 67 28 74 29 7b 76 61 72 20 65 3d 42 2b 74 2e 6e 6f 6e 63 65 3b 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 2e 63 61 6c 6c 28 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5b 22 2b 65 2b 22 5d 22 29 2c 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 2e 72 65 6d 6f 76 65 41 74 74 72 69 62 75 74 65 28 65 29 2c 41 72 72 61 79 2e 70 72 Data Ascii: e(R);if(!e)return null;var n=e.split(T);return{nonce:n[0],handlerPrefixLength:+n[1],bailout:!t.hasAttribute("defer")}}function g(t){var e=B+t.nonce;Array.prototype.forEach.call(document.querySelectorAll("["+e+"]"),function(n){n.removeAttribute(e),Array.pr
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 70 74 31 2e 30 22 3a 21 30 2c 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 31 2e 31 22 3a 21 30 2c 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 31 2e 32 22 3a 21 30 2c 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 31 2e 33 22 3a 21 30 2c 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 31 2e 34 22 3a 21 30 2c 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 31 2e 35 22 3a 21 30 2c 22 74 65 78 74 2f 6a 73 63 72 69 70 74 22 3a 21 30 2c 22 74 65 78 74 2f 6c 69 76 65 73 63 72 69 70 74 22 3a 21 30 2c 22 74 65 78 74 2f 78 2d 65 63 6d 61 73 63 72 69 70 74 22 3a 21 30 2c 22 74 65 78 74 2f 78 2d 6a 61 76 61 73 63 72 69 70 74 22 3a 21 30 2c 6d 6f 64 75 6c 65 3a 21 30 7d 2c 6b 3d 76 6f 69 64 20 30 21 3d 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 Data Ascii: pt1.0":!0,"text/javascript1.1":!0,"text/javascript1.2":!0,"text/javascript1.3":!0,"text/javascript1.4":!0,"text/javascript1.5":!0,"text/jscript":!0,"text/livescript":!0,"text/x-ecmascript":!0,"text/x-javascript":!0,module:!0},k=void 0!==document.createEle
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4e 6f 6e 63 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 30 3d 3d 3d 28 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 74 79 70 65 22 29 7c 7c 22 22 29 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 6e 6f 6e 63 65 29 7d 2c 74 2e 70 72 6f 74 6f 74 79 70 65 2e 72 65 6d 6f 76 65 4e 6f 6e 63 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 2e 74 79 70 65 3d 74 2e 74 79 70 65 2e 73 75 62 73 74 72 28 74 68 69 73 2e 6e 6f 6e 63 65 2e 6c 65 6e 67 74 68 29 7d 2c 74 2e 70 72 6f 74 6f 74 79 70 65 2e 6d 61 6b 65 4e 6f 6e 45 78 65 63 75 74 61 62 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 74 2e 74 79 70 65 3d 74 68 69 73 2e 6e 6f 6e 63 65 2b 74 2e 74 79 70 65 7d 2c 74 2e 70 72 6f 74 6f 74 79 70 65 2e 69 73 50 65 Data Ascii: t.prototype.hasNonce=function(t){return 0===(t.getAttribute("type")\|\|"").indexOf(this.nonce)},t.prototype.removeNonce=function(t){t.type=t.type.substr(this.nonce.length)},t.prototype.makeNonExecutable=function(t){t.type=this.nonce+t.type},t.prototype.isPe
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 70 72 6f 74 6f 74 79 70 65 2e 65 6e 61 62 6c 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 74 68 69 73 2e 69 6e 73 65 72 74 69 6f 6e 50 6f 69 6e 74 4d 61 72 6b 65 72 3d 74 2c 74 68 69 73 2e 62 75 66 66 65 72 3d 22 22 2c 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 6e 3d 30 3b 6e 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6e 2b 2b 29 74 5b 6e 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 6e 5d 3b 72 65 74 75 72 6e 20 65 2e 77 72 69 74 65 28 74 2c 21 31 29 7d 2c 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 6c 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 6e 3d 30 3b 6e 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6e 2b Data Ascii: prototype.enable=function(t){var e=this;this.insertionPointMarker=t,this.buffer="",document.write=function(){for(var t=[],n=0;n<arguments.length;n++)t[n]=arguments[n];return e.write(t,!1)},document.writeln=function(){for(var t=[],n=0;n<arguments.length;n+
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 6f 74 79 70 65 2e 77 72 69 74 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 3d 64 6f 63 75 6d 65 6e 74 2e 63 75 72 72 65 6e 74 53 63 72 69 70 74 3b 6e 26 26 69 28 6e 29 26 26 6e 2e 68 61 73 41 74 74 72 69 62 75 74 65 28 22 61 73 79 6e 63 22 29 3f 28 72 3d 65 3f 5f 3a 4c 29 2e 63 61 6c 6c 2e 61 70 70 6c 79 28 72 2c 5b 64 6f 63 75 6d 65 6e 74 5d 2e 63 6f 6e 63 61 74 28 74 29 29 3a 74 68 69 73 2e 62 75 66 66 65 72 2b 3d 74 2e 6d 61 70 28 53 74 72 69 6e 67 29 2e 6a 6f 69 6e 28 65 3f 22 5c 6e 22 3a 22 22 29 3b 76 61 72 20 72 7d 2c 74 7d 28 29 2c 6a 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 74 3d 74 68 69 73 3b 74 68 69 73 2e 73 69 6d 75 6c 61 74 65 64 52 65 61 64 79 53 74 61 74 65 3d 22 6c 6f 61 Data Ascii: totype.write=function(t,e){var n=document.currentScript;n&&i(n)&&n.hasAttribute("async")?(r=e?_:L).call.apply(r,[document].concat(t)):this.buffer+=t.map(String).join(e?"\n":"");var r},t}(),j=function(){function t(){var t=this;this.simulatedReadyState="loa
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 76 65 6e 74 73 49 6e 50 72 6f 78 69 65 73 3d 21 30 7d 2c 30 29 7d 2c 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 75 70 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 50 72 6f 78 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 3b 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 45 76 65 6e 74 54 61 72 67 65 74 3f 5b 45 76 65 6e 74 54 61 72 67 65 74 2e 70 72 6f 74 6f 74 79 70 65 5d 3a 5b 4e 6f 64 65 2e 70 72 6f 74 6f 74 79 70 65 2c 57 69 6e 64 6f 77 2e 70 72 6f 74 6f 74 79 70 65 5d 29 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 70 61 74 63 68 45 76 65 6e 74 54 61 72 67 65 74 4d 65 74 68 6f 64 73 28 65 29 7d 29 7d 2c 74 2e 70 72 6f 74 6f 74 79 70 65 2e 70 61 74 63 68 45 76 65 6e 74 54 Data Ascii: ventsInProxies=!0},0)},t.prototype.setupEventListenerProxy=function(){var t=this;("undefined"!=typeof EventTarget?[EventTarget.prototype]:[Node.prototype,Window.prototype]).forEach(function(e){return t.patchEventTargetMethods(e)})},t.prototype.patchEventT
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 73 53 69 6d 75 6c 61 74 6f 72 22 2c 7b 76 61 6c 75 65 3a 6e 65 77 20 6a 7d 29 2c 74 2e 5f 5f 72 6f 63 6b 65 74 4c 6f 61 64 65 72 4c 6f 61 64 50 72 6f 67 72 65 73 73 53 69 6d 75 6c 61 74 6f 72 7d 28 29 2c 57 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 74 28 74 2c 65 29 7b 74 68 69 73 2e 73 63 72 69 70 74 53 74 61 63 6b 3d 74 2c 74 68 69 73 2e 73 65 74 74 69 6e 67 73 3d 65 2c 74 68 69 73 2e 70 72 65 6c 6f 61 64 48 69 6e 74 73 3d 5b 5d 7d 72 65 74 75 72 6e 20 74 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 73 65 72 74 50 72 65 6c 6f 61 64 48 69 6e 74 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 3b 74 68 69 73 2e 73 63 72 69 70 74 53 74 61 63 6b 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 61 28 Data Ascii: sSimulator",{value:new j}),t.__rocketLoaderLoadProgressSimulator}(),W=function(){function t(t,e){this.scriptStack=t,this.settings=e,this.preloadHints=[]}return t.prototype.insertPreloadHints=function(){var t=this;this.scriptStack.forEach(function(e){if(a(
2025-01-14 23:17:44 UTC	775	IN	Data Raw: 63 74 69 76 61 74 65 53 63 72 69 70 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 74 2e 73 63 72 69 70 74 2c 72 3d 74 2e 70 6c 61 63 65 68 6f 6c 64 65 72 2c 6f 3d 74 2e 65 78 74 65 72 6e 61 6c 2c 69 3d 74 2e 61 73 79 6e 63 2c 61 3d 72 2e 70 61 72 65 6e 74 4e 6f 64 65 3b 69 66 28 21 64 6f 63 75 6d 65 6e 74 2e 63 6f 6e 74 61 69 6e 73 28 72 29 29 72 65 74 75 72 6e 20 65 28 22 50 6c 61 63 65 68 6f 6c 64 65 72 20 66 6f 72 20 73 63 72 69 70 74 20 5c 6e 22 2b 6e 2e 6f 75 74 65 72 48 54 4d 4c 2b 22 5c 6e 20 77 61 73 20 64 65 74 61 63 68 65 64 20 66 72 6f 6d 20 64 6f 63 75 6d 65 6e 74 2e 22 2c 22 53 63 72 69 70 74 20 77 69 6c 6c 20 6e 6f 74 20 62 65 20 65 78 65 63 75 74 65 64 2e 22 29 2c 6e 75 6c 6c 3b 76 61 72 20 63 3d 74 68 69 73 2e 73 65 74 74 69 Data Ascii: ctivateScript=function(t){var n=t.script,r=t.placeholder,o=t.external,i=t.async,a=r.parentNode;if(!document.contains(r))return e("Placeholder for script \n"+n.outerHTML+"\n was detached from document.","Script will not be executed."),null;var c=this.setti

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	860	OUT	GET /slt3lc6tev37/6bNeiYhSx0RGvbzxS5Fi8c/3ff83bcc36e86e85170201f8264b2c1c/banner-new.png HTTP/1.1 Host: cf-assets.www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.cloudflare.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	856	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: image/webp Content-Length: 2238 Connection: close CF-Ray: 902157577d530dc7-EWR CF-Cache-Status: HIT Accept-Ranges: bytes Age: 83201 Cache-Control: max-age=604800 Content-Disposition: inline; filename="banner-new.webp" ETag: "a9df8b6f62f4aeb1b4699a2ae4b291bb" Last-Modified: Thu, 22 Aug 2024 13:46:01 GMT Vary: Accept Cf-Bgj: imgq:85,h2pri Cf-Polished: origFmt=png, origSize=3127 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YI1C5GcC2Qf%2FF3P2bSad9EdXWBsUTEhybWmKD6djtLowmqizfKnHmvgG%2BE1q%2FRmOGAYyACp0vZLsrB664%2FlhjDTJQaq9tPhc4DAOb805GkYj189Ihsg4RbpG8HJUuHHFuJwE4UTVGdVgjDoY7vc%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:44 UTC	513	IN	Data Raw: 52 49 46 46 b6 08 00 00 57 45 42 50 56 50 38 4c aa 08 00 00 2f 99 82 15 10 19 45 6d db 40 ca 3b e3 8f f8 1e 82 88 fe 4f 80 3c 36 b1 09 c4 86 4c da 26 fe 6d af d7 14 08 04 92 11 f2 a7 1b 65 10 fa 2f 24 48 b0 39 45 8e 59 a1 1f 18 05 25 49 92 e3 48 92 1b 7a 99 ff bf 62 8e f3 bc 7d 18 22 45 00 64 82 11 0e f6 8d 61 db b6 61 e8 b5 ff 5f 5c 4c 90 23 49 52 24 79 2e 0b b4 07 cf d3 5f 1e c6 70 50 5b 5b d0 5c 1b 18 81 06 fb 23 cc 04 5b 13 5c 02 a4 81 34 c1 04 2e 02 11 88 60 04 48 90 e4 c6 6d 24 e7 8e 52 0b 70 b1 5c 40 b9 de 62 11 04 e1 f7 ee 6f ec 13 fd 7f c3 92 90 e0 0c 08 3e cf 40 1e f8 c9 4f 70 3f 30 d0 5f b7 02 77 8a b3 66 70 30 d4 46 7c c7 2a 66 07 e0 8f 5e d6 3f bd 16 65 df 14 ed cd 51 1e d4 66 b1 c3 c8 d8 ce df fc 54 f1 7c 3d fd d9 db 2d 85 6d d6 07 8c 15 31 Data Ascii: RIFFWEBPVP8L/Em@;O<6L&me/$H9EY%IHzb}"Edaa_\L#IR$y._pP[[\#[\4.`Hm$Rp\@bo>@Op?0_wfp0F\|*f^?eQfT\|=-m1
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 52 a2 e9 55 14 0a 3f 50 7a 37 b5 69 9c f7 27 fd e0 2e 16 45 65 d2 82 1d 3a ff 9d a4 02 a4 0a 39 b0 c6 01 80 22 e9 01 ee 6e 0d 6e 5c 24 ab e5 4c b1 44 71 81 27 f1 4a 17 e1 8b f1 19 20 15 c6 c0 4d 80 8a e2 2b 06 b2 40 0c 14 2b 1b 50 05 30 70 91 37 90 3e e4 80 20 28 4a d3 59 00 c9 d7 54 72 eb 08 49 47 8c 74 08 03 25 e4 a6 76 99 3c 37 15 37 3e 29 f4 9e 03 e0 82 cd 02 28 91 57 85 51 3a 7b 26 03 70 b4 28 c0 44 14 20 b3 09 05 2e 82 00 f5 84 31 50 44 f7 36 65 7f 15 e6 b4 ce c6 66 b5 88 e9 07 ca 91 0e 58 da f4 32 df 9e 36 ef 42 d3 e7 f5 c0 e4 63 01 41 00 be 12 0d cc 6d a7 8a da 74 76 29 db 81 19 bb 03 81 1e c9 80 25 64 42 fe 1e d1 81 9b 11 05 92 26 0e d8 d0 26 90 00 ad a2 36 9b 5d bd 0c f4 44 9e 5c 37 fe c0 c4 81 09 c7 03 99 c2 0f 54 31 31 e6 ba 26 85 0d 19 ad 1f Data Ascii: RU?Pz7i'.Ee:9"nn\$LDq'J M+@+P0p7> (JYTrIGt%v<77>)(WQ:{&p(D .1PD6efX26BcAmtv)%dB&&6]D\7T11&
2025-01-14 23:17:44 UTC	356	IN	Data Raw: 2f 10 84 d4 9f 2b 53 bf 0e de ae fc 82 af 43 05 08 02 65 80 89 4c 20 29 92 09 6b 92 20 64 64 f6 62 1a 80 b0 7b e6 83 d9 41 11 28 dd ae 2e cc c5 f7 26 f7 15 c5 08 03 36 f8 49 fb a3 be 00 16 1c 2a 00 51 cc a0 20 d7 44 37 41 40 b0 45 b6 83 fa 57 a7 0f 09 e9 b6 ce 09 9f 3b 34 c4 c5 81 ac 8d 4e 51 9d 3b 92 9b 9f e1 9f fb 31 6e 1e d2 14 e9 3c 26 b4 01 e6 ac b0 e4 02 57 a0 07 a0 18 28 ad b8 a4 f6 e4 56 75 60 72 80 9b 01 05 6a 33 67 4d 82 c1 d7 17 32 bc e9 3f 7f 6a 46 fb 7f 2e c8 97 ce 3c 70 bd 36 60 0a 0a 9c 04 d2 26 5b 6e 14 92 86 15 e8 91 1b 21 68 28 02 4f ac 02 b0 4c a4 6d a7 8a 36 44 87 fb d3 58 25 b7 00 c9 dc 48 47 e0 e1 8c 35 ac 90 4c d0 c1 4f 70 04 4c 4f ab 37 5d ad ed a8 e2 2f 4e c8 39 32 10 48 ef 2d 80 91 25 03 89 31 83 1a ef f1 59 89 61 4d 10 fe bb b7 Data Ascii: /+SCeL )k ddb{A(.&6I*Q D7A@EW;4NQ;1n<&W(Vu`rj3gM2?jF.<p6`&[n!h(OLm6DX%HG5LOpLO7]/N92H-%1YaM

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	624	OUT	GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1 Host: static.cloudflareinsights.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.cloudflare.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-14 23:17:44 UTC	373	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: text/javascript;charset=UTF-8 Content-Length: 19948 Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=86400 ETag: W/"2024.6.1" Last-Modified: Thu, 06 Jun 2024 15:52:56 GMT Cross-Origin-Resource-Policy: cross-origin Server: cloudflare CF-RAY: 90215757af310f78-EWR
2025-01-14 23:17:44 UTC	996	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 7b 33 34 33 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 6e 3d 30 3b 6e 3c 32 35 36 3b 2b 2b 6e 29 74 5b 6e 5d 3d 28 6e 2b 32 35 36 29 2e 74 6f 53 74 72 69 6e 67 28 31 36 29 2e 73 75 62 73 74 72 28 31 29 3b 65 2e 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 29 7b 76 61 72 20 72 3d 6e 7c 7c 30 2c 69 3d 74 3b 72 65 74 75 72 6e 5b 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 22 2d 22 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 22 2d 22 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 69 5b 65 5b 72 2b 2b 5d 5d 2c 22 2d 22 2c 69 5b 65 5b 72 2b Data Ascii: !function(){var e={343:function(e){"use strict";for(var t=[],n=0;n<256;++n)t[n]=(n+256).toString(16).substr(1);e.exports=function(e,n){var r=n\|\|0,i=t;return[i[e[r++]],i[e[r++]],i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],"-",i[e[r++]],i[e[r++]],"-",i[e[r+
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 3b 69 66 28 61 5b 36 5d 3d 31 35 26 61 5b 36 5d 7c 36 34 2c 61 5b 38 5d 3d 36 33 26 61 5b 38 5d 7c 31 32 38 2c 74 29 66 6f 72 28 76 61 72 20 63 3d 30 3b 63 3c 31 36 3b 2b 2b 63 29 74 5b 6f 2b 63 5d 3d 61 5b 63 5d 3b 72 65 74 75 72 6e 20 74 7c 7c 69 28 61 29 7d 7d 2c 31 36 38 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 74 68 69 73 26 26 74 68 69 73 2e 5f 5f 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 72 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6e 3d 31 2c 72 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 66 6f 72 28 76 61 72 20 69 20 69 6e 20 74 3d 61 72 67 Data Ascii: ;if(a[6]=15&a[6]\|64,a[8]=63&a[8]\|128,t)for(var c=0;c<16;++c)t[o+c]=a[c];return t\|\|i(a)}},168:function(e,t,n){"use strict";var r=this&&this.__assign\|\|function(){return r=Object.assign\|\|function(e){for(var t,n=1,r=arguments.length;n<r;n++)for(var i in t=arg
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 72 63 68 50 61 72 61 6d 73 29 7b 76 61 72 20 79 3d 6e 65 77 20 55 52 4c 53 65 61 72 63 68 50 61 72 61 6d 73 28 67 2e 72 65 70 6c 61 63 65 28 2f 5e 5b 5e 5c 3f 5d 2b 5c 3f 3f 2f 2c 22 22 29 29 2c 68 3d 79 2e 67 65 74 28 22 74 6f 6b 65 6e 22 29 3b 68 26 26 28 70 2e 74 6f 6b 65 6e 3d 68 29 3b 76 61 72 20 54 3d 79 2e 67 65 74 28 22 73 70 61 22 29 3b 70 2e 73 70 61 3d 6e 75 6c 6c 3d 3d 3d 54 7c 7c 22 74 72 75 65 22 3d 3d 3d 54 7d 7d 70 26 26 22 6d 75 6c 74 69 22 21 3d 3d 70 2e 6c 6f 61 64 26 26 28 70 2e 6c 6f 61 64 3d 22 73 69 6e 67 6c 65 22 29 2c 77 69 6e 64 6f 77 2e 5f 5f 63 66 42 65 61 63 6f 6e 3d 70 7d 69 66 28 73 26 26 70 26 26 70 2e 74 6f 6b 65 6e 29 7b 76 61 72 20 77 2c 53 2c 62 3d 21 31 3b 64 6f 63 75 6d 65 6e 74 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 Data Ascii: rchParams){var y=new URLSearchParams(g.replace(/^[^\?]+\??/,"")),h=y.get("token");h&&(p.token=h);var T=y.get("spa");p.spa=null===T\|\|"true"===T}}p&&"multi"!==p.load&&(p.load="single"),window.__cfBeacon=p}if(s&&p&&p.token){var w,S,b=!1;document.addEventList
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 2e 74 69 6d 69 6e 67 73 56 32 3d 7b 7d 2c 64 2e 76 65 72 73 69 6f 6e 73 2e 74 69 6d 69 6e 67 73 3d 32 2c 64 2e 64 74 3d 6d 5b 30 5d 2e 64 65 6c 69 76 65 72 79 54 79 70 65 2c 64 65 6c 65 74 65 20 64 2e 74 69 6d 69 6e 67 73 2c 74 28 6d 5b 30 5d 2c 64 2e 74 69 6d 69 6e 67 73 56 32 29 29 7d 31 3d 3d 3d 64 2e 76 65 72 73 69 6f 6e 73 2e 74 69 6d 69 6e 67 73 26 26 74 28 63 2c 64 2e 74 69 6d 69 6e 67 73 29 2c 74 28 75 2c 64 2e 6d 65 6d 6f 72 79 29 7d 65 6c 73 65 20 4f 28 64 29 3b 72 65 74 75 72 6e 20 64 2e 66 69 72 73 74 50 61 69 6e 74 3d 6b 28 22 66 69 72 73 74 2d 70 61 69 6e 74 22 29 2c 64 2e 66 69 72 73 74 43 6f 6e 74 65 6e 74 66 75 6c 50 61 69 6e 74 3d 6b 28 22 66 69 72 73 74 2d 63 6f 6e 74 65 6e 74 66 75 6c 2d 70 61 69 6e 74 22 29 2c 70 26 26 28 70 2e 69 63 Data Ascii: .timingsV2={},d.versions.timings=2,d.dt=m[0].deliveryType,delete d.timings,t(m[0],d.timingsV2))}1===d.versions.timings&&t(c,d.timings),t(u,d.memory)}else O(d);return d.firstPaint=k("first-paint"),d.firstContentfulPaint=k("first-contentful-paint"),p&&(p.ic
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 65 72 65 64 3a 21 30 7d 7d 3b 22 63 6f 6d 70 6c 65 74 65 22 3d 3d 3d 77 69 6e 64 6f 77 2e 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53 74 61 74 65 3f 52 28 29 3a 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 6c 6f 61 64 22 2c 28 66 75 6e 63 74 69 6f 6e 28 29 7b 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 52 29 7d 29 29 3b 76 61 72 20 41 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 4c 26 26 30 3d 3d 3d 76 2e 66 69 6c 74 65 72 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 69 64 3d 3d 3d 6c 7d 29 29 2e 6c 65 6e 67 74 68 7d 2c 5f 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 2e 70 75 73 68 28 7b 69 64 3a 6c 2c 75 72 6c 3a 65 2c 74 73 3a 28 6e 65 77 20 44 61 74 65 29 2e 67 65 74 54 69 6d 65 Data Ascii: ered:!0}};"complete"===window.document.readyState?R():window.addEventListener("load",(function(){window.setTimeout(R)}));var A=function(){return L&&0===v.filter((function(e){return e.id===l})).length},_=function(e){v.push({id:l,url:e,ts:(new Date).getTime
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 72 63 65 4c 6f 61 64 54 69 6d 65 2c 45 2e 6c 63 70 2e 65 72 64 3d 63 2e 65 6c 65 6d 65 6e 74 52 65 6e 64 65 72 44 65 6c 61 79 2c 45 2e 6c 63 70 2e 69 74 3d 6e 75 6c 6c 3d 3d 3d 28 69 3d 63 2e 6c 63 70 52 65 73 6f 75 72 63 65 45 6e 74 72 79 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 69 3f 76 6f 69 64 20 30 3a 69 2e 69 6e 69 74 69 61 74 6f 72 54 79 70 65 2c 45 2e 6c 63 70 2e 66 70 3d 6e 75 6c 6c 3d 3d 3d 28 61 3d 6e 75 6c 6c 3d 3d 3d 28 6f 3d 63 2e 6c 63 70 45 6e 74 72 79 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 6f 3f 76 6f 69 64 20 30 3a 6f 2e 65 6c 65 6d 65 6e 74 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 61 3f 76 6f 69 64 20 30 3a 61 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 66 65 74 63 68 70 72 69 6f 72 69 74 79 22 29 29 3b 62 72 65 61 6b 3b 63 61 73 65 22 49 4e 50 22 Data Ascii: rceLoadTime,E.lcp.erd=c.elementRenderDelay,E.lcp.it=null===(i=c.lcpResourceEntry)\|\|void 0===i?void 0:i.initiatorType,E.lcp.fp=null===(a=null===(o=c.lcpEntry)\|\|void 0===o?void 0:o.element)\|\|void 0===a?void 0:a.getAttribute("fetchpriority"));break;case"INP"
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 64 65 64 42 6f 64 79 53 69 7a 65 26 26 28 72 2e 64 65 63 6f 64 65 64 42 6f 64 79 53 69 7a 65 3d 6e 5b 30 5d 2e 64 65 63 6f 64 65 64 42 6f 64 79 53 69 7a 65 29 2c 65 2e 64 74 3d 6e 5b 30 5d 2e 64 65 6c 69 76 65 72 79 54 79 70 65 29 2c 74 28 72 2c 65 2e 74 69 6d 69 6e 67 73 56 32 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 6b 28 65 29 7b 76 61 72 20 74 3b 69 66 28 22 66 69 72 73 74 2d 63 6f 6e 74 65 6e 74 66 75 6c 2d 70 61 69 6e 74 22 3d 3d 3d 65 26 26 45 2e 66 63 70 26 26 45 2e 66 63 70 2e 76 61 6c 75 65 29 72 65 74 75 72 6e 20 45 2e 66 63 70 2e 76 61 6c 75 65 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 73 2e 67 65 74 45 6e 74 72 69 65 73 42 79 54 79 70 65 29 7b 76 61 72 20 6e 3d 6e 75 6c 6c 3d 3d 3d 28 74 3d 73 2e 67 65 74 45 6e 74 72 69 Data Ascii: dedBodySize&&(r.decodedBodySize=n[0].decodedBodySize),e.dt=n[0].deliveryType),t(r,e.timingsV2)}}function k(e){var t;if("first-contentful-paint"===e&&E.fcp&&E.fcp.value)return E.fcp.value;if("function"==typeof s.getEntriesByType){var n=null===(t=s.getEntri
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 76 65 6e 74 54 79 70 65 3d 7b 7d 29 29 5b 72 2e 4c 6f 61 64 3d 31 5d 3d 22 4c 6f 61 64 22 2c 72 5b 72 2e 41 64 64 69 74 69 6f 6e 61 6c 3d 32 5d 3d 22 41 64 64 69 74 69 6f 6e 61 6c 22 2c 72 5b 72 2e 57 65 62 56 69 74 61 6c 73 56 32 3d 33 5d 3d 22 57 65 62 56 69 74 61 6c 73 56 32 22 2c 28 6e 3d 74 2e 46 65 74 63 68 50 72 69 6f 72 69 74 79 7c 7c 28 74 2e 46 65 74 63 68 50 72 69 6f 72 69 74 79 3d 7b 7d 29 29 2e 48 69 67 68 3d 22 68 69 67 68 22 2c 6e 2e 4c 6f 77 3d 22 6c 6f 77 22 2c 6e 2e 41 75 74 6f 3d 22 61 75 74 6f 22 7d 2c 31 30 34 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 74 2c 6e 2c 72 2c 69 2c 6f 2c 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 Data Ascii: ventType={}))[r.Load=1]="Load",r[r.Additional=2]="Additional",r[r.WebVitalsV2=3]="WebVitalsV2",(n=t.FetchPriority\|\|(t.FetchPriority={})).High="high",n.Low="low",n.Auto="auto"},104:function(e,t){!function(e){"use strict";var t,n,r,i,o,a=function(){return w
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 30 3f 72 3d 22 70 72 65 72 65 6e 64 65 72 22 3a 64 6f 63 75 6d 65 6e 74 2e 77 61 73 44 69 73 63 61 72 64 65 64 3f 72 3d 22 72 65 73 74 6f 72 65 22 3a 6e 2e 74 79 70 65 26 26 28 72 3d 6e 2e 74 79 70 65 2e 72 65 70 6c 61 63 65 28 2f 5f 2f 67 2c 22 2d 22 29 29 29 2c 7b 6e 61 6d 65 3a 65 2c 76 61 6c 75 65 3a 76 6f 69 64 20 30 3d 3d 3d 74 3f 2d 31 3a 74 2c 72 61 74 69 6e 67 3a 22 67 6f 6f 64 22 2c 64 65 6c 74 61 3a 30 2c 65 6e 74 72 69 65 73 3a 5b 5d 2c 69 64 3a 22 76 33 2d 22 2e 63 6f 6e 63 61 74 28 44 61 74 65 2e 6e 6f 77 28 29 2c 22 2d 22 29 2e 63 6f 6e 63 61 74 28 4d 61 74 68 2e 66 6c 6f 6f 72 28 38 39 39 39 39 39 39 39 39 39 39 39 39 2a 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 29 2b 31 65 31 32 29 2c 6e 61 76 69 67 61 74 69 6f 6e 54 79 70 65 3a 72 7d 7d 2c Data Ascii: 0?r="prerender":document.wasDiscarded?r="restore":n.type&&(r=n.type.replace(/_/g,"-"))),{name:e,value:void 0===t?-1:t,rating:"good",delta:0,entries:[],id:"v3-".concat(Date.now(),"-").concat(Math.floor(8999999999999*Math.random())+1e12),navigationType:r}},
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 76 69 73 69 62 69 6c 69 74 79 63 68 61 6e 67 65 22 2c 62 2c 21 30 29 2c 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 22 70 72 65 72 65 6e 64 65 72 69 6e 67 63 68 61 6e 67 65 22 2c 62 2c 21 30 29 7d 2c 43 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 77 3c 30 26 26 28 77 3d 53 28 29 2c 45 28 29 2c 6c 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 73 65 74 54 69 6d 65 6f 75 74 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 77 3d 53 28 29 2c 45 28 29 7d 29 2c 30 29 7d 29 29 29 2c 7b 67 65 74 20 66 69 72 73 74 48 69 64 64 65 6e 54 69 6d 65 28 29 7b 72 65 74 75 72 6e 20 77 7d 7d 7d 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 64 6f 63 75 6d 65 6e 74 2e 70 Data Ascii: function(){removeEventListener("visibilitychange",b,!0),removeEventListener("prerenderingchange",b,!0)},C=function(){return w<0&&(w=S(),E(),l((function(){setTimeout((function(){w=S(),E()}),0)}))),{get firstHiddenTime(){return w}}},P=function(e){document.p

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	791	OUT	GET /webpack-runtime-4c72ecef988f809df573.js HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	956	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Cache-Control: public, max-age=0, must-revalidate ETag: W/"5dcec89203fd54497452872ce8969b2f" Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US X-XSS-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qx1Fwmq164nhcxdhjcq7JPkkc8Tuyk6mtX0gh8%2B2VwY0fMWBmyzu9aimoOtwB4jL11FcdREjAtHeoklldSOzqmicSngdRscLeFGSg5v4AxuxMe4DaCZt%2BFw%2BtGItNM%2FiRWm6Fw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9021575b7e75c32e-EWR alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:44 UTC	413	IN	Data Raw: 31 38 65 33 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 2c 74 2c 6e 2c 72 2c 6f 2c 63 3d 7b 7d 2c 61 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 73 28 65 29 7b 76 61 72 20 74 3d 61 5b 65 5d 3b 69 66 28 76 6f 69 64 20 30 21 3d 3d 74 29 72 65 74 75 72 6e 20 74 2e 65 78 70 6f 72 74 73 3b 76 61 72 20 6e 3d 61 5b 65 5d 3d 7b 69 64 3a 65 2c 6c 6f 61 64 65 64 3a 21 31 2c 65 78 70 6f 72 74 73 3a 7b 7d 7d 3b 72 65 74 75 72 6e 20 63 5b 65 5d 2e 63 61 6c 6c 28 6e 2e 65 78 70 6f 72 74 73 2c 6e 2c 6e 2e 65 78 70 6f 72 74 73 2c 73 29 2c 6e 2e 6c 6f 61 64 65 64 3d 21 30 2c 6e 2e 65 78 70 6f 72 74 73 7d 73 2e 6d 3d 63 2c 65 3d 5b 5d 2c 73 2e 4f 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 2c 72 2c 6f 29 7b 69 66 28 21 6e 29 7b 76 Data Ascii: 18e3!function(){"use strict";var e,t,n,r,o,c={},a={};function s(e){var t=a[e];if(void 0!==t)return t.exports;var n=a[e]={id:e,loaded:!1,exports:{}};return c[e].call(n.exports,n,n.exports,s),n.loaded=!0,n.exports}s.m=c,e=[],s.O=function(t,n,r,o){if(!n){v
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 28 6e 5b 64 5d 29 7d 29 29 3f 6e 2e 73 70 6c 69 63 65 28 64 2d 2d 2c 31 29 3a 28 61 3d 21 31 2c 6f 3c 63 26 26 28 63 3d 6f 29 29 3b 69 66 28 61 29 7b 65 2e 73 70 6c 69 63 65 28 69 2d 2d 2c 31 29 3b 76 61 72 20 66 3d 72 28 29 3b 76 6f 69 64 20 30 21 3d 3d 66 26 26 28 74 3d 66 29 7d 7d 72 65 74 75 72 6e 20 74 7d 6f 3d 6f 7c 7c 30 3b 66 6f 72 28 76 61 72 20 69 3d 65 2e 6c 65 6e 67 74 68 3b 69 3e 30 26 26 65 5b 69 2d 31 5d 5b 32 5d 3e 6f 3b 69 2d 2d 29 65 5b 69 5d 3d 65 5b 69 2d 31 5d 3b 65 5b 69 5d 3d 5b 6e 2c 72 2c 6f 5d 7d 2c 73 2e 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 2e 64 65 66 61 75 6c 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 29 7b Data Ascii: (n[d])}))?n.splice(d--,1):(a=!1,o<c&&(c=o));if(a){e.splice(i--,1);var f=r();void 0!==f&&(t=f)}}return t}o=o\|\|0;for(var i=e.length;i>0&&e[i-1][2]>o;i--)e[i]=e[i-1];e[i]=[n,r,o]},s.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 61 67 65 2d 74 73 78 22 2c 32 35 33 3a 22 61 30 36 63 66 66 39 33 34 65 39 35 37 39 35 33 36 63 65 31 63 31 30 62 61 64 32 31 63 31 64 36 64 37 66 36 33 61 65 30 22 2c 32 38 35 3a 22 63 6f 6d 70 6f 6e 65 6e 74 2d 2d 2d 73 72 63 2d 63 6f 6d 70 6f 6e 65 6e 74 73 2d 64 65 6d 6f 2d 70 61 67 65 73 2d 61 72 69 61 2d 6c 61 62 65 6c 73 2d 61 72 69 61 2d 6c 61 62 65 6c 73 2d 74 73 78 22 2c 32 39 37 3a 22 63 6f 6d 70 6f 6e 65 6e 74 2d 2d 2d 73 72 63 2d 63 6f 6d 70 6f 6e 65 6e 74 73 2d 70 61 67 65 2d 70 61 67 65 2d 74 65 6d 70 6c 61 74 65 2d 74 73 78 22 2c 33 30 39 3a 22 38 64 32 36 37 37 38 34 38 61 64 63 31 38 36 61 37 66 61 34 66 38 33 38 65 61 66 38 61 34 36 30 31 33 35 61 32 32 66 34 22 2c 33 32 38 3a 22 63 6f 6d 70 6f 6e 65 6e 74 2d 2d 2d 73 72 63 2d 63 6f 6d Data Ascii: age-tsx",253:"a06cff934e9579536ce1c10bad21c1d6d7f63ae0",285:"component---src-components-demo-pages-aria-labels-aria-labels-tsx",297:"component---src-components-page-page-template-tsx",309:"8d2677848adc186a7fa4f838eaf8a460135a22f4",328:"component---src-com
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 64 30 31 66 62 38 35 35 31 65 36 66 64 62 30 31 32 22 2c 39 32 3a 22 37 61 36 33 62 32 39 31 35 61 32 33 64 33 30 65 64 65 30 35 22 2c 39 38 3a 22 63 35 36 38 64 66 66 64 64 63 65 34 36 64 30 64 64 37 66 33 22 2c 31 32 34 3a 22 33 31 36 33 37 64 38 61 62 38 62 31 35 34 38 37 65 34 63 31 22 2c 31 36 36 3a 22 36 64 35 32 39 31 64 33 34 37 33 35 32 65 32 62 65 65 62 38 22 2c 31 37 34 3a 22 32 34 32 37 37 32 65 66 31 30 64 38 64 31 36 31 61 65 32 34 22 2c 32 32 33 3a 22 31 65 62 32 30 30 36 35 34 37 34 36 65 31 33 66 30 32 34 33 22 2c 32 35 33 3a 22 39 30 34 38 34 64 62 34 36 30 32 64 34 30 31 64 39 34 63 61 22 2c 32 37 38 3a 22 63 64 39 64 34 34 30 39 39 31 31 35 65 30 32 30 37 35 34 62 22 2c 32 38 35 3a 22 39 35 66 61 34 32 64 39 36 36 32 62 34 35 64 30 31 Data Ascii: d01fb8551e6fdb012",92:"7a63b2915a23d30ede05",98:"c568dffddce46d0dd7f3",124:"31637d8ab8b15487e4c1",166:"6d5291d347352e2beeb8",174:"242772ef10d8d161ae24",223:"1eb200654746e13f0243",253:"90484db4602d401d94ca",278:"cd9d44099115e020754b",285:"95fa42d9662b45d01
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 64 20 30 21 3d 3d 6e 29 66 6f 72 28 76 61 72 20 66 3d 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 73 63 72 69 70 74 22 29 2c 69 3d 30 3b 69 3c 66 2e 6c 65 6e 67 74 68 3b 69 2b 2b 29 7b 76 61 72 20 75 3d 66 5b 69 5d 3b 69 66 28 75 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 73 72 63 22 29 3d 3d 65 7c 7c 75 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 77 65 62 70 61 63 6b 22 29 3d 3d 6f 2b 6e 29 7b 61 3d 75 3b 62 72 65 61 6b 7d 7d 61 7c 7c 28 64 3d 21 30 2c 28 61 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 29 2e 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 2c 61 2e 74 69 6d 65 6f 75 74 3d 31 32 30 2c 73 2e 6e 63 26 26 61 2e 73 65 74 41 74 Data Ascii: d 0!==n)for(var f=document.getElementsByTagName("script"),i=0;i<f.length;i++){var u=f[i];if(u.getAttribute("src")==e\|\|u.getAttribute("data-webpack")==o+n){a=u;break}}a\|\|(d=!0,(a=document.createElement("script")).charset="utf-8",a.timeout=120,s.nc&&a.setAt
2025-01-14 23:17:44 UTC	490	IN	Data Raw: 68 75 6e 6b 4c 6f 61 64 45 72 72 6f 72 22 2c 61 2e 74 79 70 65 3d 6f 2c 61 2e 72 65 71 75 65 73 74 3d 63 2c 72 5b 31 5d 28 61 29 7d 7d 29 2c 22 63 68 75 6e 6b 2d 22 2b 74 2c 74 29 7d 7d 2c 73 2e 4f 2e 6a 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 30 3d 3d 3d 65 5b 74 5d 7d 3b 76 61 72 20 74 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 6e 29 7b 76 61 72 20 72 2c 6f 2c 63 3d 6e 5b 30 5d 2c 61 3d 6e 5b 31 5d 2c 64 3d 6e 5b 32 5d 2c 66 3d 30 3b 69 66 28 63 2e 73 6f 6d 65 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 30 21 3d 3d 65 5b 74 5d 7d 29 29 29 7b 66 6f 72 28 72 20 69 6e 20 61 29 73 2e 6f 28 61 2c 72 29 26 26 28 73 2e 6d 5b 72 5d 3d 61 5b 72 5d 29 3b 69 66 28 64 29 76 61 72 20 69 3d 64 28 73 29 7d 66 6f 72 28 74 26 26 74 28 6e Data Ascii: hunkLoadError",a.type=o,a.request=c,r[1](a)}}),"chunk-"+t,t)}},s.O.j=function(t){return 0===e[t]};var t=function(t,n){var r,o,c=n[0],a=n[1],d=n[2],f=0;if(c.some((function(t){return 0!==e[t]}))){for(r in a)s.o(a,r)&&(s.m[r]=a[r]);if(d)var i=d(s)}for(t&&t(n
2025-01-14 23:17:44 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	785	OUT	GET /framework-957a522640f43541ca6a.js HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	899	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close ETag: W/"d711fa5a10b8d800843871fd03aeef22" Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US X-XSS-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iho9fjsDkonErIRXTCvvo4iJKBsEHbj6nQYyDRFhd4RaJQJ43fpjfh7yQc8ys%2Forv5qpsGTD5usRrK2FFuMcGTW2uwQITItKQCCo2Ef3zBZJ16iVdglFPsswFVXTw44wDRLZ2A%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9021575b79f543c7-EWR alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:44 UTC	470	IN	Data Raw: 37 63 32 65 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 66 72 61 6d 65 77 6f 72 6b 2d 39 35 37 61 35 32 32 36 34 30 66 34 33 35 34 31 63 61 36 61 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 63 6c 6f 75 64 66 6c 61 72 65 5f 6d 72 6b 65 6e 67 5f 72 65 64 77 6f 6f 64 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 63 6c 6f 75 64 66 6c 61 72 65 5f 6d 72 6b 65 6e 67 5f 72 65 64 77 6f 6f 64 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 35 39 33 5d 2c 7b 32 36 39 34 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 6e 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 74 28 36 39 32 35 29 3b 66 75 6e 63 74 69 Data Ascii: 7c2e/! For license information please see framework-957a522640f43541ca6a.js.LICENSE.txt /(self.webpackChunk_cloudflare_mrkeng_redwood=self.webpackChunk_cloudflare_mrkeng_redwood\|\|[]).push([[593],{2694:function(e,n,t){"use strict";var r=t(6925);functi
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 68 65 63 6b 50 72 6f 70 54 79 70 65 73 28 29 20 74 6f 20 63 61 6c 6c 20 74 68 65 6d 2e 20 52 65 61 64 20 6d 6f 72 65 20 61 74 20 68 74 74 70 3a 2f 2f 66 62 2e 6d 65 2f 75 73 65 2d 63 68 65 63 6b 2d 70 72 6f 70 2d 74 79 70 65 73 22 29 3b 74 68 72 6f 77 20 75 2e 6e 61 6d 65 3d 22 49 6e 76 61 72 69 61 6e 74 20 56 69 6f 6c 61 74 69 6f 6e 22 2c 75 7d 7d 66 75 6e 63 74 69 6f 6e 20 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 65 2e 69 73 52 65 71 75 69 72 65 64 3d 65 3b 76 61 72 20 74 3d 7b 61 72 72 61 79 3a 65 2c 62 69 67 69 6e 74 3a 65 2c 62 6f 6f 6c 3a 65 2c 66 75 6e 63 3a 65 2c 6e 75 6d 62 65 72 3a 65 2c 6f 62 6a 65 63 74 3a 65 2c 73 74 72 69 6e 67 3a 65 2c 73 79 6d 62 6f 6c 3a 65 2c 61 6e 79 3a 65 2c 61 72 72 61 79 4f 66 3a 6e 2c 65 6c 65 6d 65 6e 74 3a 65 2c 65 Data Ascii: heckPropTypes() to call them. Read more at http://fb.me/use-check-prop-types");throw u.name="Invariant Violation",u}}function n(){return e}e.isRequired=e;var t={array:e,bigint:e,bool:e,func:e,number:e,object:e,string:e,symbol:e,any:e,arrayOf:n,element:e,e
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 2d 5c 75 30 33 37 44 5c 75 30 33 37 46 2d 5c 75 31 46 46 46 5c 75 32 30 30 43 2d 5c 75 32 30 30 44 5c 75 32 30 37 30 2d 5c 75 32 31 38 46 5c 75 32 43 30 30 2d 5c 75 32 46 45 46 5c 75 33 30 30 31 2d 5c 75 44 37 46 46 5c 75 46 39 30 30 2d 5c 75 46 44 43 46 5c 75 46 44 46 30 2d 5c 75 46 46 46 44 5c 2d 2e 30 2d 39 5c 75 30 30 42 37 5c 75 30 33 30 30 2d 5c 75 30 33 36 46 5c 75 32 30 33 46 2d 5c 75 32 30 34 30 5d 2a 24 2f 2c 70 3d 7b 7d 2c 6d 3d 7b 7d 3b 66 75 6e 63 74 69 6f 6e 20 68 28 65 2c 6e 2c 74 2c 72 2c 6c 2c 61 2c 6f 29 7b 74 68 69 73 2e 61 63 63 65 70 74 73 42 6f 6f 6c 65 61 6e 73 3d 32 3d 3d 3d 6e 7c 7c 33 3d 3d 3d 6e 7c 7c 34 3d 3d 3d 6e 2c 74 68 69 73 2e 61 74 74 72 69 62 75 74 65 4e 61 6d 65 3d 72 2c 74 68 69 73 2e 61 74 74 72 69 62 75 74 65 4e 61 Data Ascii: -\u037D\u037F-\u1FFF\u200C-\u200D\u2070-\u218F\u2C00-\u2FEF\u3001-\uD7FF\uF900-\uFDCF\uFDF0-\uFFFD\-.0-9\u00B7\u0300-\u036F\u203F-\u2040]*$/,p={},m={};function h(e,n,t,r,l,a,o){this.acceptsBooleans=2===n\|\|3===n\|\|4===n,this.attributeName=r,this.attributeNa
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 5b 65 5d 3d 6e 65 77 20 68 28 65 2c 33 2c 21 30 2c 65 2c 6e 75 6c 6c 2c 21 31 2c 21 31 29 7d 29 29 2c 5b 22 63 61 70 74 75 72 65 22 2c 22 64 6f 77 6e 6c 6f 61 64 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 5b 65 5d 3d 6e 65 77 20 68 28 65 2c 34 2c 21 31 2c 65 2c 6e 75 6c 6c 2c 21 31 2c 21 31 29 7d 29 29 2c 5b 22 63 6f 6c 73 22 2c 22 72 6f 77 73 22 2c 22 73 69 7a 65 22 2c 22 73 70 61 6e 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 5b 65 5d 3d 6e 65 77 20 68 28 65 2c 36 2c 21 31 2c 65 2c 6e 75 6c 6c 2c 21 31 2c 21 31 29 7d 29 29 2c 5b 22 72 6f 77 53 70 61 6e 22 2c 22 73 74 61 72 74 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 Data Ascii: (function(e){v[e]=new h(e,3,!0,e,null,!1,!1)})),["capture","download"].forEach((function(e){v[e]=new h(e,4,!1,e,null,!1,!1)})),["cols","rows","size","span"].forEach((function(e){v[e]=new h(e,6,!1,e,null,!1,!1)})),["rowSpan","start"].forEach((function(e){v
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 62 61 73 65 6c 69 6e 65 2d 73 68 69 66 74 20 63 61 70 2d 68 65 69 67 68 74 20 63 6c 69 70 2d 70 61 74 68 20 63 6c 69 70 2d 72 75 6c 65 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 20 63 6f 6c 6f 72 2d 69 6e 74 65 72 70 6f 6c 61 74 69 6f 6e 2d 66 69 6c 74 65 72 73 20 63 6f 6c 6f 72 2d 70 72 6f 66 69 6c 65 20 63 6f 6c 6f 72 2d 72 65 6e 64 65 72 69 6e 67 20 64 6f 6d 69 6e 61 6e 74 2d 62 61 73 65 6c 69 6e 65 20 65 6e 61 62 6c 65 2d 62 61 63 6b 67 72 6f 75 6e 64 20 66 69 6c 6c 2d 6f 70 61 63 69 74 79 20 66 69 6c 6c 2d 72 75 6c 65 20 66 6c 6f 6f 64 2d 63 6f 6c 6f 72 20 66 6c 6f 6f 64 2d 6f 70 61 63 69 74 79 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 20 66 6f 6e 74 2d 73 69 7a 65 20 66 6f 6e 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 20 66 6f 6e 74 2d 73 74 Data Ascii: baseline-shift cap-height clip-path clip-rule color-interpolation color-interpolation-filters color-profile color-rendering dominant-baseline enable-background fill-opacity fill-rule flood-color flood-opacity font-family font-size font-size-adjust font-st
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 7b 76 61 72 20 6e 3d 65 2e 72 65 70 6c 61 63 65 28 67 2c 79 29 3b 76 5b 6e 5d 3d 6e 65 77 20 68 28 6e 2c 31 2c 21 31 2c 65 2c 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 58 4d 4c 2f 31 39 39 38 2f 6e 61 6d 65 73 70 61 63 65 22 2c 21 31 2c 21 31 29 7d 29 29 2c 5b 22 74 61 62 49 6e 64 65 78 22 2c 22 63 72 6f 73 73 4f 72 69 67 69 6e 22 5d 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 5b 65 5d 3d 6e 65 77 20 68 28 65 2c 31 2c 21 31 2c 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 75 6c 6c 2c 21 31 2c 21 31 29 7d 29 29 2c 76 2e 78 6c 69 6e 6b 48 72 65 66 3d 6e 65 77 20 68 28 22 78 6c 69 6e 6b 48 72 65 66 22 2c 31 2c 21 31 2c 22 78 6c 69 6e 6b 3a 68 72 65 66 22 2c 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f Data Ascii: {var n=e.replace(g,y);v[n]=new h(n,1,!1,e,"http://www.w3.org/XML/1998/namespace",!1,!1)})),["tabIndex","crossOrigin"].forEach((function(e){v[e]=new h(e,1,!1,e.toLowerCase(),null,!1,!1)})),v.xlinkHref=new h("xlinkHref",1,!1,"xlink:href","http://www.w3.org/
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 70 72 65 70 61 72 65 53 74 61 63 6b 54 72 61 63 65 3d 76 6f 69 64 20 30 3b 74 72 79 7b 69 66 28 6e 29 69 66 28 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 45 72 72 6f 72 28 29 7d 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 6e 2e 70 72 6f 74 6f 74 79 70 65 2c 22 70 72 6f 70 73 22 2c 7b 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 72 6f 77 20 45 72 72 6f 72 28 29 7d 7d 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 52 65 66 6c 65 63 74 26 26 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 29 7b 74 72 79 7b 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 28 6e 2c 5b 5d 29 7d 63 61 74 63 68 28 73 29 7b 76 61 72 20 72 3d 73 7d 52 65 66 6c 65 63 74 2e 63 6f 6e 73 74 72 75 63 74 28 65 2c 5b 5d 2c 6e 29 Data Ascii: prepareStackTrace=void 0;try{if(n)if(n=function(){throw Error()},Object.defineProperty(n.prototype,"props",{set:function(){throw Error()}}),"object"==typeof Reflect&&Reflect.construct){try{Reflect.construct(n,[])}catch(s){var r=s}Reflect.construct(e,[],n)
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 6e 22 53 75 73 70 65 6e 73 65 4c 69 73 74 22 7d 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 29 73 77 69 74 63 68 28 65 2e 24 24 74 79 70 65 6f 66 29 7b 63 61 73 65 20 50 3a 72 65 74 75 72 6e 28 65 2e 64 69 73 70 6c 61 79 4e 61 6d 65 7c 7c 22 43 6f 6e 74 65 78 74 22 29 2b 22 2e 43 6f 6e 73 75 6d 65 72 22 3b 63 61 73 65 20 43 3a 72 65 74 75 72 6e 28 65 2e 5f 63 6f 6e 74 65 78 74 2e 64 69 73 70 6c 61 79 4e 61 6d 65 7c 7c 22 43 6f 6e 74 65 78 74 22 29 2b 22 2e 50 72 6f 76 69 64 65 72 22 3b 63 61 73 65 20 4e 3a 76 61 72 20 6e 3d 65 2e 72 65 6e 64 65 72 3b 72 65 74 75 72 6e 28 65 3d 65 2e 64 69 73 70 6c 61 79 4e 61 6d 65 29 7c 7c 28 65 3d 22 22 21 3d 3d 28 65 3d 6e 2e 64 69 73 70 6c 61 79 4e 61 6d 65 7c 7c 6e 2e 6e 61 6d 65 7c 7c 22 22 29 3f Data Ascii: n"SuspenseList"}if("object"==typeof e)switch(e.$$typeof){case P:return(e.displayName\|\|"Context")+".Consumer";case C:return(e._context.displayName\|\|"Context")+".Provider";case N:var n=e.render;return(e=e.displayName)\|\|(e=""!==(e=n.displayName\|\|n.name\|\|"")?
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 65 3b 72 65 74 75 72 6e 28 65 3d 65 2e 6e 6f 64 65 4e 61 6d 65 29 26 26 22 69 6e 70 75 74 22 3d 3d 3d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 26 26 28 22 63 68 65 63 6b 62 6f 78 22 3d 3d 3d 6e 7c 7c 22 72 61 64 69 6f 22 3d 3d 3d 6e 29 7d 66 75 6e 63 74 69 6f 6e 20 51 28 65 29 7b 65 2e 5f 76 61 6c 75 65 54 72 61 63 6b 65 72 7c 7c 28 65 2e 5f 76 61 6c 75 65 54 72 61 63 6b 65 72 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 57 28 65 29 3f 22 63 68 65 63 6b 65 64 22 3a 22 76 61 6c 75 65 22 2c 74 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 70 72 6f 74 6f 74 79 70 65 2c 6e 29 2c 72 3d 22 22 2b 65 5b 6e 5d 3b 69 66 28 21 65 2e 68 61 73 4f 77 6e 50 72 Data Ascii: e;return(e=e.nodeName)&&"input"===e.toLowerCase()&&("checkbox"===n\|\|"radio"===n)}function Q(e){e._valueTracker\|\|(e._valueTracker=function(e){var n=W(e)?"checked":"value",t=Object.getOwnPropertyDescriptor(e.constructor.prototype,n),r=""+e[n];if(!e.hasOwnPr
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 3d 6e 2e 63 68 65 63 6b 65 64 3a 6e 75 6c 6c 21 3d 6e 2e 76 61 6c 75 65 7d 7d 66 75 6e 63 74 69 6f 6e 20 47 28 65 2c 6e 29 7b 6e 75 6c 6c 21 3d 28 6e 3d 6e 2e 63 68 65 63 6b 65 64 29 26 26 62 28 65 2c 22 63 68 65 63 6b 65 64 22 2c 6e 2c 21 31 29 7d 66 75 6e 63 74 69 6f 6e 20 5a 28 65 2c 6e 29 7b 47 28 65 2c 6e 29 3b 76 61 72 20 74 3d 48 28 6e 2e 76 61 6c 75 65 29 2c 72 3d 6e 2e 74 79 70 65 3b 69 66 28 6e 75 6c 6c 21 3d 74 29 22 6e 75 6d 62 65 72 22 3d 3d 3d 72 3f 28 30 3d 3d 3d 74 26 26 22 22 3d 3d 3d 65 2e 76 61 6c 75 65 7c 7c 65 2e 76 61 6c 75 65 21 3d 74 29 26 26 28 65 2e 76 61 6c 75 65 3d 22 22 2b 74 29 3a 65 2e 76 61 6c 75 65 21 3d 3d 22 22 2b 74 26 26 28 65 2e 76 61 6c 75 65 3d 22 22 2b 74 29 3b 65 6c 73 65 20 69 66 28 22 73 75 62 6d 69 74 22 3d 3d Data Ascii: =n.checked:null!=n.value}}function G(e,n){null!=(n=n.checked)&&b(e,"checked",n,!1)}function Z(e,n){G(e,n);var t=H(n.value),r=n.type;if(null!=t)"number"===r?(0===t&&""===e.value\|\|e.value!=t)&&(e.value=""+t):e.value!==""+t&&(e.value=""+t);else if("submit"==

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	779	OUT	GET /app-9b4cbf0f5c3a56b8766d.js HTTP/1.1 Host: www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/learning/access-management/phishing-attack/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	958	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Cache-Control: public, max-age=0, must-revalidate ETag: W/"4860d064671c21c08413a006d3d9286c" Strict-Transport-Security: max-age=31536000; includeSubDomains Permissions-Policy: geolocation=(), camera=(), microphone=() Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-GWW-LOC: EN-US X-PGS-LOC: EN-US X-XSS-Protection: 1; mode=block Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gfh71tr2tkHjwQPXrxTG9sjU9lD%2FieSohCyC7ZD5kh7Lb15Ca1BvcOSQAvuMcDQZxd1HqKP%2BOekS%2B68RwGMjLT5mf7EKqO2Ks08LhuvdCaU60Nd9DMRVG6CLvf%2F2JY79pK5z%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 9021575b7cf1436e-EWR alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 37 66 66 32 0d 0a 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 61 70 70 2d 39 62 34 63 62 66 30 66 35 63 33 61 35 36 62 38 37 36 36 64 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 63 6c 6f 75 64 66 6c 61 72 65 5f 6d 72 6b 65 6e 67 5f 72 65 64 77 6f 6f 64 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 63 6c 6f 75 64 66 6c 61 72 65 5f 6d 72 6b 65 6e 67 5f 72 65 64 77 6f 6f 64 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 35 32 34 5d 2c 7b 33 38 31 35 37 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 5a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 Data Ascii: 7ff2/! For license information please see app-9b4cbf0f5c3a56b8766d.js.LICENSE.txt /(self.webpackChunk_cloudflare_mrkeng_redwood=self.webpackChunk_cloudflare_mrkeng_redwood\|\|[]).push([[524],{38157:function(e,t,n){"use strict";n.d(t,{Z:function(){retur
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 61 6d 65 3a 6f 2c 73 74 79 6c 65 3a 6e 3f 6c 3a 76 6f 69 64 20 30 7d 2c 74 29 7d 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 73 72 63 2c 6e 3d 65 2e 63 75 73 74 6f 6d 65 72 43 6f 64 65 2c 6f 3d 65 2e 61 64 55 72 6c 2c 6c 3d 65 2e 63 6f 6e 74 72 6f 6c 73 2c 63 3d 76 6f 69 64 20 30 21 3d 3d 6c 26 26 6c 2c 6d 3d 65 2e 6d 75 74 65 64 2c 70 3d 76 6f 69 64 20 30 21 3d 3d 6d 26 26 6d 2c 66 3d 65 2e 61 75 74 6f 70 6c 61 79 2c 68 3d 76 6f 69 64 20 30 21 3d 3d 66 26 26 66 2c 67 3d 65 2e 6c 6f 6f 70 2c 5f 3d 76 6f 69 64 20 30 21 3d 3d 67 26 26 67 2c 76 3d 65 2e 70 72 65 6c 6f 61 64 2c 79 3d 76 6f 69 64 20 30 3d 3d 3d 76 3f 22 6d 65 74 61 64 61 74 61 22 3a 76 2c 62 3d 65 2e 70 72 69 6d 61 72 79 43 6f 6c 6f 72 2c 45 3d 65 2e 6c 65 74 74 65 72 Data Ascii: ame:o,style:n?l:void 0},t)},m=function(e){var t=e.src,n=e.customerCode,o=e.adUrl,l=e.controls,c=void 0!==l&&l,m=e.muted,p=void 0!==m&&m,f=e.autoplay,h=void 0!==f&&f,g=e.loop,_=void 0!==g&&g,v=e.preload,y=void 0===v?"metadata":v,b=e.primaryColor,E=e.letter
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 6c 65 74 74 65 72 62 6f 78 43 6f 6c 6f 72 3d 22 2b 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 75 29 2c 6d 26 26 22 73 74 61 72 74 54 69 6d 65 3d 22 2b 6d 2c 6e 26 26 22 6d 75 74 65 64 3d 74 72 75 65 22 2c 6f 26 26 22 70 72 65 6c 6f 61 64 3d 22 2b 6f 2c 61 26 26 22 6c 6f 6f 70 3d 74 72 75 65 22 2c 69 26 26 22 61 75 74 6f 70 6c 61 79 3d 74 72 75 65 22 2c 21 73 26 26 22 63 6f 6e 74 72 6f 6c 73 3d 66 61 6c 73 65 22 5d 2e 66 69 6c 74 65 72 28 42 6f 6f 6c 65 61 6e 29 2e 6a 6f 69 6e 28 22 26 22 29 3b 72 65 74 75 72 6e 28 30 2c 72 2e 75 73 65 4d 65 6d 6f 29 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 66 3f 22 68 74 74 70 73 3a 2f 2f 63 75 73 74 6f 6d 65 72 2d 22 2b 66 2b 22 2e 63 6c 6f 75 64 66 6c 61 72 65 73 74 72 65 61 6d 2e 63 6f Data Ascii: letterboxColor="+encodeURIComponent(u),m&&"startTime="+m,n&&"muted=true",o&&"preload="+o,a&&"loop=true",i&&"autoplay=true",!s&&"controls=false"].filter(Boolean).join("&");return(0,r.useMemo)((function(){return f?"https://customer-"+f+".cloudflarestream.co
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 65 22 2c 75 65 2c 72 65 29 2c 73 28 22 76 6f 6c 75 6d 65 63 68 61 6e 67 65 22 2c 75 65 2c 6f 65 29 2c 73 28 22 77 61 69 74 69 6e 67 22 2c 75 65 2c 61 65 29 2c 73 28 22 73 74 72 65 61 6d 2d 61 64 73 74 61 72 74 22 2c 75 65 2c 69 65 29 2c 73 28 22 73 74 72 65 61 6d 2d 61 64 65 6e 64 22 2c 75 65 2c 73 65 29 2c 73 28 22 73 74 72 65 61 6d 2d 61 64 74 69 6d 65 6f 75 74 22 2c 75 65 2c 6c 65 29 2c 73 28 22 72 65 73 69 7a 65 22 2c 75 65 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 75 65 2e 63 75 72 72 65 6e 74 29 7b 76 61 72 20 74 3d 75 65 2e 63 75 72 72 65 6e 74 2c 6e 3d 74 2e 76 69 64 65 6f 48 65 69 67 68 74 2c 72 3d 74 2e 76 69 64 65 6f 57 69 64 74 68 3b 70 65 28 7b 76 69 64 65 6f 48 65 69 67 68 74 3a 6e 2c 76 69 64 65 6f 57 69 64 74 68 3a 72 7d 29 2c Data Ascii: te",ue,re),s("volumechange",ue,oe),s("waiting",ue,ae),s("stream-adstart",ue,ie),s("stream-adend",ue,se),s("stream-adtimeout",ue,le),s("resize",ue,(function(e){if(ue.current){var t=ue.current,n=t.videoHeight,r=t.videoWidth;pe({videoHeight:n,videoWidth:r}),
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 41 44 49 4e 47 5f 32 3d 22 68 65 61 64 69 6e 67 2d 32 22 2c 65 2e 48 45 41 44 49 4e 47 5f 33 3d 22 68 65 61 64 69 6e 67 2d 33 22 2c 65 2e 48 45 41 44 49 4e 47 5f 34 3d 22 68 65 61 64 69 6e 67 2d 34 22 2c 65 2e 48 45 41 44 49 4e 47 5f 35 3d 22 68 65 61 64 69 6e 67 2d 35 22 2c 65 2e 48 45 41 44 49 4e 47 5f 36 3d 22 68 65 61 64 69 6e 67 2d 36 22 2c 65 2e 4f 4c 5f 4c 49 53 54 3d 22 6f 72 64 65 72 65 64 2d 6c 69 73 74 22 2c 65 2e 55 4c 5f 4c 49 53 54 3d 22 75 6e 6f 72 64 65 72 65 64 2d 6c 69 73 74 22 2c 65 2e 4c 49 53 54 5f 49 54 45 4d 3d 22 6c 69 73 74 2d 69 74 65 6d 22 2c 65 2e 48 52 3d 22 68 72 22 2c 65 2e 51 55 4f 54 45 3d 22 62 6c 6f 63 6b 71 75 6f 74 65 22 2c 65 2e 45 4d 42 45 44 44 45 44 5f 45 4e 54 52 59 3d 22 65 6d 62 65 64 64 65 64 2d 65 6e 74 72 79 Data Ascii: ADING_2="heading-2",e.HEADING_3="heading-3",e.HEADING_4="heading-4",e.HEADING_5="heading-5",e.HEADING_6="heading-6",e.OL_LIST="ordered-list",e.UL_LIST="unordered-list",e.LIST_ITEM="list-item",e.HR="hr",e.QUOTE="blockquote",e.EMBEDDED_ENTRY="embedded-entry
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 65 66 61 75 6c 74 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 65 2e 5f 5f 65 73 4d 6f 64 75 6c 65 3f 65 3a 7b 64 65 66 61 75 6c 74 3a 65 7d 7d 3b 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 74 2e 56 31 5f 4d 41 52 4b 53 3d 74 2e 56 31 5f 4e 4f 44 45 5f 54 59 50 45 53 3d 74 2e 54 45 58 54 5f 43 4f 4e 54 41 49 4e 45 52 53 3d 74 2e 48 45 41 44 49 4e 47 53 3d 74 2e 43 4f 4e 54 41 49 4e 45 52 53 3d 74 2e 56 4f 49 44 5f 42 4c 4f 43 4b 53 3d 74 2e 54 41 42 4c 45 5f 42 4c 4f 43 4b 53 3d 74 2e 4c 49 53 54 5f 49 54 45 4d 5f 42 4c 4f 43 4b 53 3d 74 2e 54 4f 50 5f 4c 45 56 45 4c 5f 42 4c 4f 43 4b 53 3d 76 6f 69 64 20 30 3b 76 61 72 20 61 Data Ascii: efault\|\|function(e){return e&&e.__esModule?e:{default:e}};Object.defineProperty(t,"__esModule",{value:!0}),t.V1_MARKS=t.V1_NODE_TYPES=t.TEXT_CONTAINERS=t.HEADINGS=t.CONTAINERS=t.VOID_BLOCKS=t.TABLE_BLOCKS=t.LIST_ITEM_BLOCKS=t.TOP_LEVEL_BLOCKS=void 0;var a
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 5d 3d 5b 75 2e 42 4c 4f 43 4b 53 2e 50 41 52 41 47 52 41 50 48 5d 2c 6e 5b 75 2e 42 4c 4f 43 4b 53 2e 54 41 42 4c 45 5f 48 45 41 44 45 52 5f 43 45 4c 4c 5d 3d 5b 75 2e 42 4c 4f 43 4b 53 2e 50 41 52 41 47 52 41 50 48 5d 2c 6e 29 2c 74 2e 48 45 41 44 49 4e 47 53 3d 5b 75 2e 42 4c 4f 43 4b 53 2e 48 45 41 44 49 4e 47 5f 31 2c 75 2e 42 4c 4f 43 4b 53 2e 48 45 41 44 49 4e 47 5f 32 2c 75 2e 42 4c 4f 43 4b 53 2e 48 45 41 44 49 4e 47 5f 33 2c 75 2e 42 4c 4f 43 4b 53 2e 48 45 41 44 49 4e 47 5f 34 2c 75 2e 42 4c 4f 43 4b 53 2e 48 45 41 44 49 4e 47 5f 35 2c 75 2e 42 4c 4f 43 4b 53 2e 48 45 41 44 49 4e 47 5f 36 5d 2c 74 2e 54 45 58 54 5f 43 4f 4e 54 41 49 4e 45 52 53 3d 72 28 5b 75 2e 42 4c 4f 43 4b 53 2e 50 41 52 41 47 52 41 50 48 5d 2c 74 2e 48 45 41 44 49 4e 47 53 Data Ascii: ]=[u.BLOCKS.PARAGRAPH],n[u.BLOCKS.TABLE_HEADER_CELL]=[u.BLOCKS.PARAGRAPH],n),t.HEADINGS=[u.BLOCKS.HEADING_1,u.BLOCKS.HEADING_2,u.BLOCKS.HEADING_3,u.BLOCKS.HEADING_4,u.BLOCKS.HEADING_5,u.BLOCKS.HEADING_6],t.TEXT_CONTAINERS=r([u.BLOCKS.PARAGRAPH],t.HEADINGS
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 3d 3d 3d 65 5b 72 5b 6e 5d 5d 29 72 65 74 75 72 6e 21 30 7d 72 65 74 75 72 6e 21 31 7d 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 74 2e 69 73 54 65 78 74 3d 74 2e 69 73 42 6c 6f 63 6b 3d 74 2e 69 73 49 6e 6c 69 6e 65 3d 76 6f 69 64 20 30 2c 74 2e 69 73 49 6e 6c 69 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 28 64 2e 49 4e 4c 49 4e 45 53 2c 65 2e 6e 6f 64 65 54 79 70 65 29 7d 2c 74 2e 69 73 42 6c 6f 63 6b 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 28 75 2e 42 4c 4f 43 4b 53 2c 65 2e 6e 6f 64 65 54 79 70 65 29 7d 2c 74 2e 69 73 54 65 78 74 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 74 65 78 Data Ascii: t===e[r[n]])return!0}return!1}Object.defineProperty(t,"__esModule",{value:!0}),t.isText=t.isBlock=t.isInline=void 0,t.isInline=function(e){return n(d.INLINES,e.nodeType)},t.isBlock=function(e){return n(u.BLOCKS,e.nodeType)},t.isText=function(e){return"tex
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 2c 22 49 4e 4c 49 4e 45 53 22 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 64 2e 49 4e 4c 49 4e 45 53 7d 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 4d 41 52 4b 53 22 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 69 28 6d 29 2e 64 65 66 61 75 6c 74 7d 7d 29 2c 6f 28 70 2c 74 29 2c 6f 28 66 2c 74 29 2c 6f 28 68 2c 74 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 74 2c 22 45 4d 50 54 59 5f 44 4f 43 55 4d 45 4e 54 22 2c 7b 65 6e 75 6d 65 72 61 62 6c 65 3a 21 30 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 69 28 67 29 2e 64 65 66 61 Data Ascii: t,"INLINES",{enumerable:!0,get:function(){return d.INLINES}}),Object.defineProperty(t,"MARKS",{enumerable:!0,get:function(){return i(m).default}}),o(p,t),o(f,t),o(h,t),Object.defineProperty(t,"EMPTY_DOCUMENT",{enumerable:!0,get:function(){return i(g).defa
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 65 6e 74 28 22 68 34 22 2c 6e 75 6c 6c 2c 74 29 7d 2c 79 5b 4d 2e 48 45 41 44 49 4e 47 5f 35 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 68 35 22 2c 6e 75 6c 6c 2c 74 29 7d 2c 79 5b 4d 2e 48 45 41 44 49 4e 47 5f 36 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 68 36 22 2c 6e 75 6c 6c 2c 74 29 7d 2c 79 5b 4d 2e 45 4d 42 45 44 44 45 44 5f 45 4e 54 52 59 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 61 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 6e 75 6c 6c 2c 74 29 7d 2c 79 5b 4d 2e 45 4d 42 45 44 44 45 44 5f 52 45 53 4f 55 52 43 45 5d 3d 66 75 6e 63 74 69 6f 6e 28 65 Data Ascii: ent("h4",null,t)},y[M.HEADING_5]=function(e,t){return a.createElement("h5",null,t)},y[M.HEADING_6]=function(e,t){return a.createElement("h6",null,t)},y[M.EMBEDDED_ENTRY]=function(e,t){return a.createElement("div",null,t)},y[M.EMBEDDED_RESOURCE]=function(e

Timestamp	Bytes transferred	Direction	Data
2025-01-14 23:17:44 UTC	761	OUT	GET /public/vendor/onetrust/scripttemplates/otSDKStub.js HTTP/1.1 Host: ot.www.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.cloudflare.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: __cf_bm=n3y4Vw.9wY0YhMep_639CvwOXXC_1PgvhVD5bYt9r90-1736896663-1.0.1.1-NpCDUaQ9KPPIAX.3jkwh34o_FG7hfocSnR9IQ02erTgIpoaOaCWXKjO1uMUPqwm92V6ABVg1TA2wB3wG7VejxWVGh5VJNSu2E6pYYaj5MPM
2025-01-14 23:17:44 UTC	790	IN	HTTP/1.1 200 OK Date: Tue, 14 Jan 2025 23:17:44 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * ETag: W/"c26259f649def56fbb3b494c9ae5b5a1" referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff X-Robots-Tag: noindex Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=votGdgzRWCTiUwB22wBmc1Yp0zuZt%2FwmFJsoNCRV5ux%2Bi7GBtgS1dOfmXbeWMiXMNVNWBikI0A0xFylcCyYq4gforNvNT8rugnkhd8BJp6ZAlncFuL1zpM6pmSyHaEv94MG1HXccIrE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding CF-Cache-Status: HIT Age: 5790 Server: cloudflare CF-RAY: 9021575b7c576a4f-EWR alt-svc: h3=":443"; ma=86400
2025-01-14 23:17:44 UTC	579	IN	Data Raw: 35 32 65 65 0d 0a 76 61 72 20 4f 6e 65 54 72 75 73 74 53 74 75 62 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 61 2c 6f 2c 70 3d 6e 65 77 20 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 4f 70 74 61 6e 6f 6e 43 6f 6e 73 65 6e 74 22 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 74 6d 6c 47 72 6f 75 70 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 6f 73 74 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 67 65 6e 56 65 6e 64 6f 72 73 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 76 65 6e 64 6f 72 73 53 65 72 76 69 63 65 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 49 41 42 43 6f 6f 6b 69 65 56 61 6c 75 65 3d 22 22 2c 74 68 69 73 2e 6f 6e 65 54 72 75 73 74 49 41 42 Data Ascii: 52eevar OneTrustStub=function(t){"use strict";var a,o,p=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIAB
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 73 74 75 62 46 69 6c 65 4e 61 6d 65 3d 22 6f 74 53 44 4b 53 74 75 62 22 2c 74 68 69 73 2e 44 41 54 41 46 49 4c 45 41 54 54 52 49 42 55 54 45 3d 22 64 61 74 61 2d 64 6f 6d 61 69 6e 2d 73 63 72 69 70 74 22 2c 74 68 69 73 2e 62 61 6e 6e 65 72 53 63 72 69 70 74 4e 61 6d 65 3d 22 6f 74 42 61 6e 6e 65 72 53 64 6b 2e 6a 73 22 2c 74 68 69 73 2e 6d 6f 62 69 6c 65 4f 6e 6c 69 6e 65 55 52 4c 3d 5b 5d 2c 74 68 69 73 2e 69 73 4d 69 67 72 61 74 65 64 55 52 4c 3d 21 31 2c 74 68 69 73 2e 6d 69 67 72 61 74 65 64 43 43 54 49 44 3d 22 5b 5b 4f 6c 64 43 43 54 49 44 5d 5d 22 2c 74 68 69 73 2e 6d 69 67 72 61 74 65 64 44 6f 6d 61 69 6e 49 64 3d 22 5b 5b 4e 65 77 44 6f 6d 61 69 6e 49 64 5d 5d 22 2c 74 68 69 73 2e 75 73 65 72 4c 6f 63 61 74 69 6f 6e 3d 7b 63 6f 75 6e 74 72 79 3a Data Ascii: stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 72 69 6d 28 29 7d 72 65 74 75 72 6e 20 65 7d 2c 65 29 3b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 76 61 72 20 74 3d 74 68 69 73 3b 74 68 69 73 2e 69 6d 70 6c 65 6d 65 6e 74 54 68 65 50 6f 6c 79 66 69 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 2c 6f 3d 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3b 72 65 74 75 72 6e 20 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 69 66 28 22 73 74 79 6c 65 22 21 3d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 26 26 6f 2e 61 70 70 6c 79 28 74 68 69 73 2c 5b 74 2c 65 5d 29 2c 22 73 74 79 6c 65 22 21 3d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7c 7c 65 7c 7c 74 Data Ascii: trim()}return e},e);function e(){var t=this;this.implementThePolyfill=function(){var a=t,o=Element.prototype.setAttribute;return Element.prototype.setAttribute=function(t,e){if("style"!==t.toLowerCase()&&o.apply(this,[t,e]),"style"!==t.toLowerCase()\|\|e\|\|t
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 65 20 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 69 66 72 61 6d 65 5b 6e 61 6d 65 3d 22 2b 73 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 2b 22 5d 22 29 5b 30 5d 3b 74 26 26 74 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 7d 2c 74 68 69 73 2e 65 78 65 63 75 74 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 74 5b 65 5d 3d 61 72 67 75 6d 65 6e 74 73 5b 65 5d 3b 76 61 72 20 69 3d 6e 75 6c 6c 3d 3d 28 69 3d 73 2e 77 69 6e 29 3f 76 6f 69 64 20 30 3a 69 2e 5f 5f 67 70 70 3b 69 66 28 69 2e 71 75 65 75 65 Data Ascii: te s.win.__gpp;var t=document.querySelectorAll("iframe[name="+s.LOCATOR_NAME+"]")[0];t&&t.parentElement.removeChild(t)},this.executeGppApi=function(){for(var t=[],e=0;e<arguments.length;e++)t[e]=arguments[e];var i=null==(i=s.win)?void 0:i.__gpp;if(i.queue
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 74 6c 65 22 2c 22 47 50 50 20 4c 6f 63 61 74 6f 72 22 29 2c 69 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 29 3a 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 73 2e 61 64 64 46 72 61 6d 65 28 74 29 7d 2c 35 29 29 2c 21 6e 7d 2c 74 68 69 73 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 69 2c 6e 3d 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 72 65 74 75 72 6e 20 6e 2e 65 76 65 6e 74 73 3d 6e 2e 65 76 65 6e 74 73 7c 7c 5b 5d 2c 6e 75 6c 6c 21 3d 28 69 3d 6e 29 26 26 69 2e 6c 61 73 74 49 64 7c 7c 28 6e 2e 6c 61 73 74 49 64 3d 30 29 2c 6e 2e 6c 61 73 74 49 64 2b 2b 2c 6e 2e 65 76 65 6e 74 73 2e 70 75 73 68 28 7b 69 64 3a 6e 2e 6c 61 73 74 49 64 2c 63 61 6c 6c 62 61 63 6b Data Ascii: tle","GPP Locator"),i.body.appendChild(e)):setTimeout(function(){s.addFrame(t)},5)),!n},this.addEventListener=function(t,e){var i,n=s.win.__gpp;return n.events=n.events\|\|[],null!=(i=n)&&i.lastId\|\|(n.lastId=0),n.lastId++,n.events.push({id:n.lastId,callback
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 70 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 6e 6f 6e 63 65 7c 7c 70 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7c 7c 6e 75 6c 6c 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 66 65 74 63 68 42 61 6e 6e 65 72 53 44 4b 44 65 70 65 6e 64 65 6e 63 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 73 65 74 44 6f 6d 61 69 6e 44 61 74 61 46 69 6c 65 55 52 4c 28 29 2c 74 68 69 73 2e 63 72 6f 73 73 4f 72 69 67 69 6e 3d 70 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 63 72 6f 73 73 6f 72 69 67 69 6e 22 29 7c 7c 6e 75 6c 6c 2c 74 68 69 73 2e 70 72 65 76 69 65 77 4d 6f 64 65 3d 22 74 72 75 65 22 3d 3d 3d 70 2e 73 74 75 62 Data Ascii: p.stubScriptElement.nonce\|\|p.stubScriptElement.getAttribute("nonce")\|\|null},h.prototype.fetchBannerSDKDependency=function(){this.setDomainDataFileURL(),this.crossOrigin=p.stubScriptElement.getAttribute("crossorigin")\|\|null,this.previewMode="true"===p.stub
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 28 69 2e 63 6f 75 6e 74 72 79 43 6f 64 65 2c 69 2e 73 74 61 74 65 43 6f 64 65 29 2c 74 68 69 73 2e 61 64 64 42 61 6e 6e 65 72 53 44 4b 53 63 72 69 70 74 28 74 29 29 3a 28 69 3d 74 68 69 73 2e 72 65 61 64 43 6f 6f 6b 69 65 50 61 72 61 6d 28 70 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 2c 70 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 43 6f 6f 6b 69 65 73 50 61 72 61 6d 29 29 7c 7c 74 2e 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 3f 28 65 3d 69 2e 73 70 6c 69 74 28 22 3b 22 29 5b 30 5d 2c 69 3d 69 2e 73 70 6c 69 74 28 22 3b 22 29 5b 31 5d 2c 74 68 69 73 2e 73 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 28 65 2c 69 29 2c 74 68 69 73 2e 61 64 64 42 61 6e 6e 65 72 53 44 4b 53 63 72 69 70 74 28 74 29 29 3a 74 68 69 73 2e 67 65 74 47 65 6f 4c 6f 63 61 74 69 6f Data Ascii: (i.countryCode,i.stateCode),this.addBannerSDKScript(t)):(i=this.readCookieParam(p.optanonCookieName,p.geolocationCookiesParam))\|\|t.SkipGeolocation?(e=i.split(";")[0],i=i.split(";")[1],this.setGeoLocation(e,i),this.addBannerSDKScript(t)):this.getGeoLocatio
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 79 3a 74 2c 73 74 61 74 65 3a 65 3d 76 6f 69 64 20 30 3d 3d 3d 65 3f 22 22 3a 65 7d 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 6f 74 46 65 74 63 68 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 69 2c 65 2c 6e 2c 61 29 7b 76 6f 69 64 20 30 3d 3d 3d 65 26 26 28 65 3d 21 31 29 2c 76 6f 69 64 20 30 3d 3d 3d 6e 26 26 28 6e 3d 6e 75 6c 6c 29 3b 76 61 72 20 6f 3d 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 26 26 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 22 6f 74 50 72 65 76 69 65 77 44 61 74 61 22 29 3b 69 66 28 6e 65 77 20 52 65 67 45 78 70 28 22 5e 66 69 6c 65 3a 2f 2f 22 2c 22 69 22 29 2e 74 65 73 74 28 74 29 29 74 68 69 73 2e 6f 74 46 65 74 63 68 4f 66 66 6c 69 6e 65 46 69 6c 65 28 74 2c 69 29 3b 65 6c Data Ascii: y:t,state:e=void 0===e?"":e}},h.prototype.otFetch=function(t,i,e,n,a){void 0===e&&(e=!1),void 0===n&&(n=null);var o=window.sessionStorage&&window.sessionStorage.getItem("otPreviewData");if(new RegExp("^file://","i").test(t))this.otFetchOfflineFile(t,i);el
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 21 30 3d 3d 3d 74 2e 44 65 66 61 75 6c 74 7d 29 3b 69 66 28 21 61 2e 63 6f 75 6e 74 72 79 26 26 21 61 2e 73 74 61 74 65 29 72 65 74 75 72 6e 20 6f 26 26 30 3c 6f 2e 6c 65 6e 67 74 68 3f 6f 5b 30 5d 3a 6e 75 6c 6c 3b 66 6f 72 28 76 61 72 20 73 3d 61 2e 73 74 61 74 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 72 3d 61 2e 63 6f 75 6e 74 72 79 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 75 3d 30 3b 75 3c 74 2e 52 75 6c 65 53 65 74 2e 6c 65 6e 67 74 68 3b 75 2b 2b 29 69 66 28 21 30 3d 3d 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 47 6c 6f 62 61 6c 29 6e 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 3b 65 6c 73 65 7b 76 61 72 20 6c 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 53 74 61 74 65 73 3b 69 66 28 6c 5b 72 5d 26 26 Data Ascii: ction(t){return!0===t.Default});if(!a.country&&!a.state)return o&&0<o.length?o[0]:null;for(var s=a.state.toLowerCase(),r=a.country.toLowerCase(),u=0;u<t.RuleSet.length;u++)if(!0===t.RuleSet[u].Global)n=t.RuleSet[u];else{var l=t.RuleSet[u].States;if(l[r]&&
2025-01-14 23:17:44 UTC	1369	IN	Data Raw: 69 65 4e 61 6d 65 29 29 3a 70 2e 69 73 53 74 75 62 52 65 61 64 79 3d 21 31 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 76 61 6c 69 64 61 74 65 49 41 42 47 44 50 52 41 70 70 6c 69 65 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 72 65 61 64 43 6f 6f 6b 69 65 50 61 72 61 6d 28 70 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 2c 70 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 43 6f 6f 6b 69 65 73 50 61 72 61 6d 29 2e 73 70 6c 69 74 28 22 3b 22 29 5b 30 5d 3b 74 3f 74 68 69 73 2e 69 73 42 6f 6f 6c 65 61 6e 28 74 29 3f 70 2e 6f 6e 65 54 72 75 73 74 49 41 42 67 64 70 72 41 70 70 6c 69 65 73 47 6c 6f 62 61 6c 6c 79 3d 22 74 72 75 65 22 3d 3d 3d 74 3a 70 2e 6f 6e 65 54 72 75 73 74 49 41 42 67 64 70 72 41 70 70 6c 69 65 73 47 6c 6f 62 61 6c Data Ascii: ieName)):p.isStubReady=!1},h.prototype.validateIABGDPRApplied=function(){var t=this.readCookieParam(p.optanonCookieName,p.geolocationCookiesParam).split(";")[0];t?this.isBoolean(t)?p.oneTrustIABgdprAppliesGlobally="true"===t:p.oneTrustIABgdprAppliesGlobal