Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://mychaseexclusive.ru/case?token

Overview

General Information

Sample URL:https://mychaseexclusive.ru/case?token
Analysis ID:1502389
Infos:

Detection

HTMLPhisher
Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Yara detected BlockedWebSite
Detected non-DNS traffic on DNS port
HTML page contains hidden javascript code

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3548 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 1860 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2036,i,9328697437574807042,17108672982110021698,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6428 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mychaseexclusive.ru/case?token" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

HTML

SourceRuleDescriptionAuthorStrings
2.2.pages.csvJoeSecurity_BlockedWebSiteYara detected BlockedWebSiteJoe Security

    Sigma Signatures

    No Sigma rule has matched

    Suricata Signatures

    No Suricata rule has matched

    Joe Sandbox Signatures

    Click to jump to signature section

    Show All Signature Results

    Phishing

    barindex
    Yara detected BlockedWebSite
    Source: Yara matchFile source: 2.2.pages.csv, type: HTML
    Source: https://mychaseexclusive.ru/case?tokenHTTP Parser: Base64 decoded: 1725158639.000000
    Source: https://mychaseexclusive.ru/case?tokenHTTP Parser: No favicon
    Source: http://mychaseexclusive.ru/case/?tokenHTTP Parser: No favicon
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49752 version: TLS 1.2
    Source: global trafficTCP traffic: 192.168.2.4:56917 -> 1.1.1.1:53
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
    Source: global trafficHTTP traffic detected: GET /case?token HTTP/1.1Host: mychaseexclusive.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: mychaseexclusive.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y
    Source: global trafficHTTP traffic detected: GET /case?token HTTP/1.1Host: mychaseexclusive.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://mychaseexclusive.ru/case?tokenAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js? HTTP/1.1Host: mychaseexclusive.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js? HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: http://mychaseexclusive.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
    Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/jsd/r/8bc1ea757ae2437f HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /case/?token HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/styles/cf.errors.css HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://mychaseexclusive.ru/case/?tokenAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://mychaseexclusive.ru/cdn-cgi/styles/cf.errors.cssAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Referer: http://mychaseexclusive.ru/case/?tokenAccept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
    Source: global trafficDNS traffic detected: DNS query: mychaseexclusive.ru
    Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
    Source: global trafficDNS traffic detected: DNS query: www.google.com
    Source: unknownHTTP traffic detected: POST /case?token HTTP/1.1Host: mychaseexclusive.ruConnection: keep-aliveContent-Length: 22sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-TimeStamp-Expire: sec-ch-ua-mobile: ?0X-Requested-TimeStamp-Combination: X-Requested-Type-Combination: GETContent-type: application/x-www-form-urlencodedX-Requested-Type: GETUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36ZaOHwFApya53RTC4BTqa5t59QUs: 50322854X-Requested-with: XMLHttpRequestX-Requested-TimeStamp: sec-ch-ua-platform: "Windows"Accept: */*Origin: https://mychaseexclusive.ruSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://mychaseexclusive.ru/case?tokenAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y
    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 01 Sep 2024 02:44:03 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingX-Content-Type-Options: nosniffX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-XSS-Protection: 1; mode=blockCache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutablePragma: publicCF-Cache-Status: HITAge: 814140Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldypmoCwgyqJ%2FHVWxHY419f5RqLdMoOKP2p8kXZHnMnhfuFj%2FOvuriyxS9qDPyUNFh2b2nzi4DK2OwNMprh4v9ORGkD3Q7zY6FWCOJrDc%2FZTLX3cUbM%2Bpw4qaDYwSJRQ6xV8Cytz"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8bc1ea920cd21921-EWRalt-svc: h3=":443"; ma=86400
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
    Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56923 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56925 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56921 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
    Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56925
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56921
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56922
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56923
    Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 56924
    Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56922 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 56924 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
    Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
    Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49749 version: TLS 1.2
    Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49752 version: TLS 1.2
    Source: classification engineClassification label: mal48.phis.win@22/10@18/6
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2036,i,9328697437574807042,17108672982110021698,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
    Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mychaseexclusive.ru/case?token"
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2036,i,9328697437574807042,17108672982110021698,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
    Source: Window RecorderWindow detected: More than 3 window changes detected

    Mitre Att&ck Matrix

    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
    Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
    Process Injection    		1
    Process Injection    		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
    Encrypted Channel    		Exfiltration Over Other Network MediumAbuse Accessibility Features
    CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
    Non-Application Layer Protocol    		Exfiltration Over BluetoothNetwork Denial of Service
    Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
    Application Layer Protocol    		Automated ExfiltrationData Encrypted for Impact
    Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
    Ingress Tool Transfer    		Traffic DuplicationData Destruction

    Behavior Graph

    Hide Legend

    Legend:

    • Process
    • Signature
    • Created File
    • DNS/IP Info
    • Is Dropped
    • Is Windows Process
    • Number of created Registry Values
    • Number of created Files
    • Visual Basic
    • Delphi
    • Java
    • .Net C# or VB.NET
    • C, C++ or other language
    • Is malicious
    • Internet

    Screenshots

    Thumbnails

    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


    windows-stand

    Antivirus, Machine Learning and Genetic Malware Detection

    Initial Sample

    SourceDetectionScannerLabelLink
    https://mychaseexclusive.ru/case?token0%Avira URL Cloudsafe
    https://mychaseexclusive.ru/case?token4%VirustotalBrowse

    Dropped Files

    No Antivirus matches

    Unpacked PE Files

    No Antivirus matches

    Domains

    SourceDetectionScannerLabelLink
    www.google.com0%VirustotalBrowse
    a.nel.cloudflare.com0%VirustotalBrowse
    mychaseexclusive.ru4%VirustotalBrowse
    fp2e7a.wpc.phicdn.net0%VirustotalBrowse

    URLs

    SourceDetectionScannerLabelLink
    https://a.nel.cloudflare.com/report/v4?s=mdahbD%2FjwG7qm03aphoIs4bAVE42ANheSYBpOhJZMKaukDh3aC6hoM02nvcC%2BuyBuXzk4y3S74v8eiXUsc2dQUdpBPxBvlRWV7vGyVHTmSRB6C2HEyHwhORilGfKhKN9%2Bb%2BvRWup0%Avira URL Cloudsafe
    https://a.nel.cloudflare.com/report/v4?s=rxlO9UktNCk1WpZt%2FRaLyVhjO9TyCiJJCa50qqChPRe%2FipDkm8B8exLp0dwMNty1umuPXK0xfftqKtHo3qa6HzvRCxRh9%2F%2FOS1KcFW1ypy33u3haqq%2FnV0XK4JvezsmF9UfwpJIU0%Avira URL Cloudsafe
    https://mychaseexclusive.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js0%Avira URL Cloudsafe
    https://mychaseexclusive.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?0%Avira URL Cloudsafe
    https://mychaseexclusive.ru/cdn-cgi/images/icon-exclamation.png?13767556370%Avira URL Cloudsafe
    http://mychaseexclusive.ru/cdn-cgi/styles/cf.errors.css0%Avira URL Cloudsafe
    http://mychaseexclusive.ru/cdn-cgi/images/icon-exclamation.png?13767556370%Avira URL Cloudsafe
    https://a.nel.cloudflare.com/report/v4?s=ldypmoCwgyqJ%2FHVWxHY419f5RqLdMoOKP2p8kXZHnMnhfuFj%2FOvuriyxS9qDPyUNFh2b2nzi4DK2OwNMprh4v9ORGkD3Q7zY6FWCOJrDc%2FZTLX3cUbM%2Bpw4qaDYwSJRQ6xV8Cytz0%Avira URL Cloudsafe
    http://mychaseexclusive.ru/favicon.ico0%Avira URL Cloudsafe
    https://mychaseexclusive.ru/cdn-cgi/challenge-platform/h/g/jsd/r/8bc1ea757ae2437f0%Avira URL Cloudsafe
    https://mychaseexclusive.ru/favicon.ico0%Avira URL Cloudsafe

    Domains and IPs

    Contacted Domains

    NameIPActiveMaliciousAntivirus DetectionReputation
    a.nel.cloudflare.com
    		35.190.80.1
    		truefalseunknown
    www.google.com
    		142.250.185.132
    		truefalseunknown
    mychaseexclusive.ru
    		104.21.7.89
    		truefalseunknown
    fp2e7a.wpc.phicdn.net
    		192.229.221.95
    		truefalseunknown

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    https://mychaseexclusive.ru/cdn-cgi/challenge-platform/scripts/jsd/main.jsfalse
    • Avira URL Cloud: safe
    		unknown
    https://a.nel.cloudflare.com/report/v4?s=rxlO9UktNCk1WpZt%2FRaLyVhjO9TyCiJJCa50qqChPRe%2FipDkm8B8exLp0dwMNty1umuPXK0xfftqKtHo3qa6HzvRCxRh9%2F%2FOS1KcFW1ypy33u3haqq%2FnV0XK4JvezsmF9UfwpJIUfalse
    • Avira URL Cloud: safe
    		unknown
    https://a.nel.cloudflare.com/report/v4?s=mdahbD%2FjwG7qm03aphoIs4bAVE42ANheSYBpOhJZMKaukDh3aC6hoM02nvcC%2BuyBuXzk4y3S74v8eiXUsc2dQUdpBPxBvlRWV7vGyVHTmSRB6C2HEyHwhORilGfKhKN9%2Bb%2BvRWupfalse
    • Avira URL Cloud: safe
    		unknown
    http://mychaseexclusive.ru/case/?tokenfalse
      		unknown
      https://mychaseexclusive.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?false
      • Avira URL Cloud: safe
      		unknown
      https://mychaseexclusive.ru/cdn-cgi/images/icon-exclamation.png?1376755637false
      • Avira URL Cloud: safe
      		unknown
      http://mychaseexclusive.ru/cdn-cgi/styles/cf.errors.cssfalse
      • Avira URL Cloud: safe
      		unknown
      http://mychaseexclusive.ru/cdn-cgi/images/icon-exclamation.png?1376755637false
      • Avira URL Cloud: safe
      		unknown
      https://mychaseexclusive.ru/case?tokenfalse
        		unknown
        https://a.nel.cloudflare.com/report/v4?s=ldypmoCwgyqJ%2FHVWxHY419f5RqLdMoOKP2p8kXZHnMnhfuFj%2FOvuriyxS9qDPyUNFh2b2nzi4DK2OwNMprh4v9ORGkD3Q7zY6FWCOJrDc%2FZTLX3cUbM%2Bpw4qaDYwSJRQ6xV8Cytzfalse
        • Avira URL Cloud: safe
        		unknown
        http://mychaseexclusive.ru/favicon.icofalse
        • Avira URL Cloud: safe
        		unknown
        https://mychaseexclusive.ru/cdn-cgi/challenge-platform/h/g/jsd/r/8bc1ea757ae2437ffalse
        • Avira URL Cloud: safe
        		unknown
        https://mychaseexclusive.ru/favicon.icofalse
        • Avira URL Cloud: safe
        		unknown

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        104.21.7.89
        		mychaseexclusive.ruUnited States
        		13335CLOUDFLARENETUSfalse
        239.255.255.250
        		unknownReserved
        		unknownunknownfalse
        35.190.80.1
        		a.nel.cloudflare.comUnited States
        		15169GOOGLEUSfalse
        142.250.185.132
        		www.google.comUnited States
        		15169GOOGLEUSfalse
        172.67.135.236
        		unknownUnited States
        		13335CLOUDFLARENETUSfalse

        Private

        IP
        192.168.2.4

        General Information

        Joe Sandbox version:40.0.0 Tourmaline
        Analysis ID:1502389
        Start date and time:2024-09-01 04:43:04 +02:00
        Joe Sandbox product:CloudBasic
        Overall analysis duration:0h 3m 0s
        Hypervisor based Inspection enabled:false
        Report type:full
        Cookbook file name:browseurl.jbs
        Sample URL:https://mychaseexclusive.ru/case?token
        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
        Number of analysed new started processes analysed:7
        Number of new started drivers analysed:0
        Number of existing processes analysed:0
        Number of existing drivers analysed:0
        Number of injected processes analysed:0
        Technologies:
        • HCA enabled
        • EGA enabled
        • AMSI enabled
        Analysis Mode:default
        Analysis stop reason:Timeout
        Detection:MAL
        Classification:mal48.phis.win@22/10@18/6
        EGA Information:Failed
        HCA Information:
        • Successful, ratio: 100%
        • Number of executed functions: 0
        • Number of non-executed functions: 0

        Warnings

        • Exclude process from analysis (whitelisted): MpCmdRun.exe, SIHClient.exe, conhost.exe, svchost.exe
        • Excluded IPs from analysis (whitelisted): 172.217.18.3, 142.250.186.174, 74.125.133.84, 34.104.35.123, 20.12.23.50, 93.184.221.240, 192.229.221.95, 20.166.126.56, 13.85.23.206, 142.250.184.227
        • Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, clientservices.googleapis.com, ctldl.windowsupdate.com, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
        • Not all processes where analyzed, report is missing behavior information
        • Report size getting too big, too many NtSetInformationFile calls found.

        Simulations

        Behavior and APIs

        No simulations

        LLM Input / Output

        InputOutput
        URL: https://mychaseexclusive.ru/case?token Model: jbxai
        {
"brand":["cloudflare"],
"contains_trigger_text":true,
"prominent_button_name":"Learn More",
"text_input_field_labels":["Your IP: Click to reveal"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

        Joe Sandbox View / Context

        IPs

        No context

        Domains

        No context

        ASNs

        No context

        JA3 Fingerprints

        No context

        Dropped Files

        No context

        Created / dropped Files

        Chrome Cache Entry: 106

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:gzip compressed data, from Unix, original size modulo 2^32 24051
        Category:downloaded
        Size (bytes):4515
        Entropy (8bit):7.956467386800229
        Encrypted:false
        SSDEEP:96:4p4l0h92B45gLm/Ie0f5G7dTj4URSht8vOcrIu9JL:I4l0hoW5gLNA7dH4Ucht8vOKX9JL
        MD5:99A8B213866426D482DB5C874E91CFC1
        SHA1:49BFFD206943C4A850376205EE720A87D08CE8CC
        SHA-256:D117A3A72EDA86BB4E103C5DAD01F6828F9454E9232CDD763806D57FF6D3DEBE
        SHA-512:CACDEA20F37A4FD5A551FAA04A2916D467E197CCF971E7104E18A2213CF1F1EA3C84B7389C3841C5249053A1854C28C92A86A5E0986244A8F26BFC35792F15C1
        Malicious:false
        Reputation:low
        URL:http://mychaseexclusive.ru/cdn-cgi/styles/cf.errors.css
        Preview:...........<..r.......F[:Z,..F. H.....O...%.6.H...n......I\%.3....R...bUI........6..,k.Gy....rK&?...\..._..+.p.!5.~.......r..{(S.#.v....B~.....T.....@o.....a.<fP&.`Yt.W..&.O.<.2C'.U).p+#.D.c,?&..V~L....A.`..[<4rS_.2B.......d.)A..T...%Y.`+.~..`=H.5.W.g..\^.,c.C......FY.Y.:P..;.k..U...v.P..-...&\.B.Ly.*.~(m2A=.].k........[..#...Yezy..HCy.@{F.!<6.(P}>.....l........lQO...}..(.?.{x.....D.......)...Jt....`.j.].....8.2K.u..&S.C..m..*.Q.f...5%.8PK-...'?..P....T..........h-..^.d..2y.5N.!hO.j.:..&..I...a..~.~9...N.-.gI.v.%.7:...".&......!...%...d..m.....;*...r.|T..zx...9.q{........m.j.WO.B....MSB...zXm..D.............1............gXo...u?l...o.lj...7.."Pn:Pw~.[tR.2..6W........... .zLFD.....~.....m........{...t.....D.3.%..6Q.I.M.<M..}....@.u.@.@..M......2..%.......MK.g..qu.a5...!...QS.0...0.x..R.......g..+.V........8.Z7....$H}.zN....^..`..M4....*p........Tb.M.Y..a.6Wq#e.J.....C~........^........K.jN..5.a.t......X .P..?....R?'O6....6q.2q..................m\

        Chrome Cache Entry: 107

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:PNG image data, 54 x 54, 8-bit colormap, non-interlaced
        Category:downloaded
        Size (bytes):452
        Entropy (8bit):7.0936408308765495
        Encrypted:false
        SSDEEP:12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
        MD5:C33DE66281E933259772399D10A6AFE8
        SHA1:B9F9D500F8814381451011D4DCF59CD2D90AD94F
        SHA-256:F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
        SHA-512:5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
        Malicious:false
        Reputation:low
        URL:http://mychaseexclusive.ru/cdn-cgi/images/icon-exclamation.png?1376755637
        Preview:.PNG........IHDR...6...6............3PLTE.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?..".....tRNS.@0.`........ P.p`...../IDATx.....0...l..6....+...~yJ.F"....oE..L.3..[..i2..n.WyJ..z&.....F.......b....p~...|:t5.m...fp.i./e....%.%...n.P...enV.....!...,.......E........t![HW.B.g.R.\^.e..o+........%.&-j..q...f@..o...]... ....u0.x..2K.+C..8.U.L.Y.[=.....y...o.tF..]M..U.,4..........a.>/.)....C3gNI.i...R.=....Q7..K......IEND.B`.

        Chrome Cache Entry: 108

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:gzip compressed data, from Unix, original size modulo 2^32 4405
        Category:downloaded
        Size (bytes):1786
        Entropy (8bit):7.859175318224479
        Encrypted:false
        SSDEEP:48:X1S7c0Xckgx2KH7wNh8fYowAacAtW0yL8oJ:FS7c0FGKOYoBacAhd0
        MD5:060CC8A327AA753B76B628C8A3BEAC83
        SHA1:3D76263F87FB36602219CDE99ED1B8A8E1BA1214
        SHA-256:2D59DAF42561A3914CBD79A3B052508D619ED1FE8BF84321EEC079E00A6B1DF2
        SHA-512:B15CB28367E64C138094EF32168949F6D0E840882F97763F1EA6CDC007291FBBB277189D45F3FCA1C2AA28626AD647754E51B8D534149F306640FBD4959A8B5D
        Malicious:false
        Reputation:low
        URL:http://mychaseexclusive.ru/case/?token
        Preview:...........X.o.6......$1.Jv^........E.kr..X..9..P..._...?P.G.......H..yp..0.O?]..v;..+d.?...@:..../..~....N......^..\`...|.."......~G.E........u..............O...>.!.H3.<..N8../s["s...;.*.+....J.9.$5.G.l/..Q`3j,.Ip...r.@...+.~...$...r.n]b...M..+.y.....P.M.. W.(.....]O'S.cg...N..S.lGPi.8..A.LK..{[....6..i)..M8..CR....NPI,..'..E.....$.n-...]..O..=.S.Y...`6."..a...e!....+.h7........E.@...Z....3..LR..O.5.P..........q...z.,Do.p..a/...%=.....E.".N..i.(p.h*.....R(..!.|.@.n.u....~..s.97.r....sB+8jw.,...X...f....stS.....k~tX..*........+.B.l)..&p.J...k..~...G.k{7....2..y.c.......e.&H*.j...,.M...T........p.(q.*+.C..}`.j!.$...E...Om.G\,:v4.VZ.GG..wfc...#{.X...2T...u6.......r5nfR..F'...x..i9/....#.......'.&.I,:..iEp.$-.w.X....)e...s........j...`."....*.x}i;.pRE".D..R....hv...v.@...P.`xQ.`0.:.~.0{..N.]..Vyr7....V.?..RD..=1".L.(.....M..=5T.wQ.U..w..h]X.sX...`.R....N,.......5dTZ.k(.Z.Y.@.....s.0..2y;Bq.g.......UV..t]R........]...[...RR..i..P..A-9......B.~.`A..'.

        Chrome Cache Entry: 109

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:PNG image data, 54 x 54, 8-bit colormap, non-interlaced
        Category:dropped
        Size (bytes):452
        Entropy (8bit):7.0936408308765495
        Encrypted:false
        SSDEEP:12:6v/7EljW8E6Cl2SYh8SZM4tf70FSDvMXDxJp6ScFChY9:U8hCl2SIdZBtAFSDUX/ozIhK
        MD5:C33DE66281E933259772399D10A6AFE8
        SHA1:B9F9D500F8814381451011D4DCF59CD2D90AD94F
        SHA-256:F1591A5221136C49438642155691AE6C68E25B7241F3D7EBE975B09A77662016
        SHA-512:5834FB9D66F550E6CECFE484B7B6A14F3FCA795405DECE8E652BD69AD917B94B6BBDCDF7639161B9C07F0D33EABD3E79580446B5867219F72F4FC43FD43B98C3
        Malicious:false
        Reputation:low
        Preview:.PNG........IHDR...6...6............3PLTE.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?.E?..".....tRNS.@0.`........ P.p`...../IDATx.....0...l..6....+...~yJ.F"....oE..L.3..[..i2..n.WyJ..z&.....F.......b....p~...|:t5.m...fp.i./e....%.%...n.P...enV.....!...,.......E........t![HW.B.g.R.\^.e..o+........%.&-j..q...f@..o...]... ....u0.x..2K.+C..8.U.L.Y.[=.....y...o.tF..]M..U.,4..........a.>/.)....C3gNI.i...R.=....Q7..K......IEND.B`.

        Chrome Cache Entry: 110

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:ASCII text, with very long lines (7842), with no line terminators
        Category:dropped
        Size (bytes):7842
        Entropy (8bit):5.767195088917355
        Encrypted:false
        SSDEEP:192:T1Iaw06kQZ0OLQW0IppxElXiINB2oUNOGTyg:T1R56nZ0OLQW0Ipp6LNB23EGT7
        MD5:7E59DE4CCEB036EB0F7985F8AE96F2D5
        SHA1:CCCA549E98BDB990E4D6E34E60C43135051B8486
        SHA-256:668872DC768E78F73A76323F587E98C2AFBAFD0B7CE29F79CEA802E029B01E73
        SHA-512:BE08BF048588143E0D6B206ED9589A2CED49BDB665E9F7CAE0F33F269A393B5024027904BB66620FC64DBE2A51A24AF86968C1AC2F3640618422976F5B52AF97
        Malicious:false
        Reputation:low
        Preview:window._cf_chl_opt={cFPWv:'g'};~function(V,g,h,m,n,x,y,A){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(253))/1+-parseInt(U(303))/2+-parseInt(U(317))/3*(-parseInt(U(298))/4)+parseInt(U(304))/5*(parseInt(U(295))/6)+-parseInt(U(320))/7*(parseInt(U(324))/8)+parseInt(U(249))/9+-parseInt(U(250))/10*(-parseInt(U(252))/11),e===C)break;else f.push(f.shift())}catch(D){f.push(f.shift())}}(a,241261),g=this||self,h=g[V(326)],m={},m[V(315)]='o',m[V(269)]='s',m[V(312)]='u',m[V(242)]='z',m[V(328)]='n',m[V(256)]='I',n=m,g[V(248)]=function(C,D,E,F,a4,H,I,J,K,L,M){if(a4=V,D===null||D===void 0)return F;for(H=v(D),C[a4(279)][a4(259)]&&(H=H[a4(296)](C[a4(279)][a4(259)](D))),H=C[a4(301)][a4(282)]&&C[a4(271)]?C[a4(301)][a4(282)](new C[(a4(271))](H)):function(N,a5,O){for(a5=a4,N[a5(238)](),O=0;O<N[a5(260)];N[O+1]===N[O]?N[a5(318)](O+1,1):O+=1);return N}(H),I='nAsAaAb'.split('A'),I=I[a4(272)][a4(311)](I),J=0;J<H[a4(260)];K=H[J],L=s(C,D,K),I(L)?(M='s'===L&&!C[a4(291)](D[K]),a4(273)===E+K?G(E+

        Chrome Cache Entry: 111

        Download File
        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
        File Type:ASCII text, with very long lines (7847), with no line terminators
        Category:downloaded
        Size (bytes):7847
        Entropy (8bit):5.768353366801301
        Encrypted:false
        SSDEEP:192:PPEmdbJ5TM1GBId4gPbVAjySbnl714I9vki5v:PPE6bJ5TM1GBILeDbL4Ixl
        MD5:2495AC6A87C6E39D7D841C4E0B691490
        SHA1:63D72E347C4928A1F79B6C68AA62EE427150D5A7
        SHA-256:0FBF12A9F12492D51D6B1F0B707540BE4BC6E7FA53BBB750F48C960F5C8B6C03
        SHA-512:357A7E17562F854180EDE45AF6E16D289940ECDC81F35E98EAD1EEC4349A38D0C27A1E2B5B2F5C18DFFE688896FC8423044A485BC707EFB1863A0BBD55279E93
        Malicious:false
        Reputation:low
        URL:https://mychaseexclusive.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?
        Preview:window._cf_chl_opt={cFPWv:'g'};~function(V,g,h,i,j,k,o,s){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(279))/1+-parseInt(U(196))/2+parseInt(U(234))/3+-parseInt(U(236))/4*(-parseInt(U(254))/5)+-parseInt(U(245))/6*(parseInt(U(288))/7)+-parseInt(U(260))/8*(-parseInt(U(208))/9)+parseInt(U(235))/10*(parseInt(U(281))/11),e===C)break;else f.push(f.shift())}catch(D){f.push(f.shift())}}(a,283969),g=this||self,h=g[V(227)],i=function(W,e,f,C){return W=V,e=String[W(211)],f={'h':function(D){return D==null?'':f.g(D,6,function(E,X){return X=b,X(207)[X(224)](E)})},'g':function(D,E,F,Y,G,H,I,J,K,L,M,N,O,P,Q,R,S,T){if(Y=W,D==null)return'';for(H={},I={},J='',K=2,L=3,M=2,N=[],O=0,P=0,Q=0;Q<D[Y(261)];Q+=1)if(R=D[Y(224)](Q),Object[Y(280)][Y(276)][Y(259)](H,R)||(H[R]=L++,I[R]=!0),S=J+R,Object[Y(280)][Y(276)][Y(259)](H,S))J=S;else{if(Object[Y(280)][Y(276)][Y(259)](I,J)){if(256>J[Y(213)](0)){for(G=0;G<M;O<<=1,P==E-1?(P=0,N[Y(284)](F(O)),O=0):P++,G++);for(T=J[Y(213)](0),G=0;8>G;O=T&1|O<<1.97

        Static File Info

        No static file info

        Network Behavior

        Network Port Distribution

        TCP Packets

        TimestampSource PortDest PortSource IPDest IP
        Sep 1, 2024 04:43:48.701009989 CEST49675443192.168.2.4173.222.162.32
        Sep 1, 2024 04:43:58.309422970 CEST49675443192.168.2.4173.222.162.32
        Sep 1, 2024 04:43:58.416158915 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.416198015 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.416265965 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.416490078 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.416496992 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.416551113 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.416690111 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.416702032 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.416906118 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.416913033 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.877542019 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.877871990 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.877907038 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.878752947 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.878839016 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.879780054 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.879837990 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.879911900 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.879920006 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.891341925 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.891514063 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.891522884 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.892386913 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.892447948 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.892740011 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.892796040 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.920311928 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.935430050 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:58.935447931 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:58.982872009 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.345640898 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.345726013 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.345747948 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.345769882 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.345782995 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.345794916 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.345822096 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.345839024 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.345858097 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.346055031 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.346155882 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.346206903 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.349577904 CEST49735443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.349592924 CEST44349735104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.359906912 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.359937906 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.360001087 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.360177994 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.360192060 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.406037092 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.421430111 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.421525002 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.421618938 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.421900034 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.421916962 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.448524952 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.816469908 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.835520983 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.835534096 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.836400986 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.836455107 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.839530945 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.839584112 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.839724064 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.839730024 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.878015041 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.878396988 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.878424883 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.878709078 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.879528999 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.879589081 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.880050898 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.885694981 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.919775009 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.919828892 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.919884920 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.920502901 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.932961941 CEST49736443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.932987928 CEST44349736104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.951045036 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.951097012 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.951162100 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.951843023 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:43:59.951858997 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:43:59.963371992 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.963429928 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.963473082 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.963809013 CEST49739443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.963826895 CEST4434973935.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.964930058 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.964967966 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:43:59.965022087 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.965534925 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:43:59.965548038 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.015794039 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.015851021 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.015902996 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.020467997 CEST49740443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.020493031 CEST44349740104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.023672104 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.023724079 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.023785114 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.024612904 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.024631023 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.418598890 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.418900967 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:00.418920994 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.419209957 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.420074940 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:00.420128107 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.420453072 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:00.426409960 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.426670074 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.426701069 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.426990986 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.427500010 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.427551985 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.427819967 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.460508108 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.468502045 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.500992060 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.545813084 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.568516016 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.568537951 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.568902969 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.569442987 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.569442987 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.569464922 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.569509983 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.625809908 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.685235023 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.685286999 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.685355902 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:00.713056087 CEST49744443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:00.713078022 CEST4434974435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:00.820503950 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820544004 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820574999 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820605993 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820605993 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.820624113 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820653915 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.820723057 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820755959 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820785046 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.820791960 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820805073 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:00.820908070 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.824820042 CEST49745443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:00.824834108 CEST44349745104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.095057964 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.095136881 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.095216990 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.125201941 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:01.125205040 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.125233889 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:01.125251055 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.125324011 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:01.125325918 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.125767946 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:01.125782013 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:01.126106977 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.126125097 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.129817009 CEST49743443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.129842043 CEST44349743104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.153407097 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:01.158257008 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:01.158346891 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:01.158586979 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:01.163703918 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:01.278093100 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:01.278125048 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:01.278223038 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:01.281820059 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:01.281835079 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:01.432941914 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.432988882 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.433072090 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.433443069 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.433456898 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.583961964 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.584199905 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.584223032 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.584584951 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.584963083 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.585033894 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.585190058 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.585266113 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.585304022 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.585350037 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.628532887 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.636959076 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:01.637022972 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:01.637065887 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:01.713939905 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.713993073 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.714049101 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.719257116 CEST49746443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.719285011 CEST44349746104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.775182009 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:01.775388002 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:01.775401115 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:01.776345968 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:01.776407003 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:01.911452055 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.911685944 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.911708117 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.912694931 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.912755966 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.913214922 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.913273096 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.913440943 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.913448095 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:01.938618898 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:01.938688040 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:01.955463886 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:01.955574989 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:01.962228060 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:01.998224974 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:01.998234987 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:02.043083906 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:02.047477961 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:02.047508955 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:02.047801018 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:02.062182903 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062227011 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062258005 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062269926 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.062285900 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062319994 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062324047 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.062330008 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062371016 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.062601089 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062679052 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.062728882 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.085066080 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:02.086462975 CEST49750443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.086481094 CEST44349750104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.089943886 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.090070963 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:02.200468063 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.200486898 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.200535059 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:02.200565100 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.200573921 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.200587988 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.200599909 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.200615883 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:02.200634003 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:02.523891926 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:02.530021906 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.574851036 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:02.616503000 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:02.624856949 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.652193069 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:02.657059908 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.757481098 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:02.763514042 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:02.763586044 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:02.763866901 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:02.765919924 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:02.765963078 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:02.765995979 CEST49749443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:02.766012907 CEST44349749184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:02.812818050 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:02.973917961 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.973972082 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:02.974374056 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.974700928 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:02.974720955 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.208673954 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:03.208736897 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:03.208813906 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:03.209397078 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:03.209410906 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:03.430453062 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.430777073 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.430799007 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.431771994 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.431879997 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.432318926 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.432318926 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.432380915 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.481077909 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.481091976 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.527936935 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.574697971 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.574774027 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.574839115 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.575954914 CEST49751443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.575969934 CEST44349751104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.666862011 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.666898966 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.666971922 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.667491913 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.667504072 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.812290907 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.812331915 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.812392950 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.812618017 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:03.812637091 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:03.844151020 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:03.844320059 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:03.867438078 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:03.867446899 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:03.867657900 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:03.868530035 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:03.912529945 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:04.120018005 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:04.120110989 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:04.120201111 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:04.145018101 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.149703979 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.149729013 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.150024891 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.151386023 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.151469946 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.151767015 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.152209997 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:04.152229071 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:04.152240038 CEST49752443192.168.2.4184.28.90.27
        Sep 1, 2024 04:44:04.152245045 CEST44349752184.28.90.27192.168.2.4
        Sep 1, 2024 04:44:04.192503929 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.268065929 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.275249958 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.275316000 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.275362968 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.293457985 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.293479919 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.293885946 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.295106888 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.295182943 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.295588017 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.329545021 CEST49753443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.329566956 CEST44349753104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.336508036 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.606040955 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.606096983 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:04.606169939 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.607388973 CEST49754443192.168.2.4104.21.7.89
        Sep 1, 2024 04:44:04.607402086 CEST44349754104.21.7.89192.168.2.4
        Sep 1, 2024 04:44:11.697982073 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:11.698057890 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:11.701946974 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:12.921685934 CEST49747443192.168.2.4142.250.185.132
        Sep 1, 2024 04:44:12.921715975 CEST44349747142.250.185.132192.168.2.4
        Sep 1, 2024 04:44:37.691962957 CEST5691753192.168.2.41.1.1.1
        Sep 1, 2024 04:44:37.696810961 CEST53569171.1.1.1192.168.2.4
        Sep 1, 2024 04:44:37.696877003 CEST5691753192.168.2.41.1.1.1
        Sep 1, 2024 04:44:37.696918964 CEST5691753192.168.2.41.1.1.1
        Sep 1, 2024 04:44:37.707075119 CEST53569171.1.1.1192.168.2.4
        Sep 1, 2024 04:44:38.169862986 CEST53569171.1.1.1192.168.2.4
        Sep 1, 2024 04:44:38.212147951 CEST5691753192.168.2.41.1.1.1
        Sep 1, 2024 04:44:38.217381954 CEST53569171.1.1.1192.168.2.4
        Sep 1, 2024 04:44:38.217430115 CEST5691753192.168.2.41.1.1.1
        Sep 1, 2024 04:44:47.762552023 CEST4974880192.168.2.4172.67.135.236
        Sep 1, 2024 04:44:47.767482042 CEST8049748172.67.135.236192.168.2.4
        Sep 1, 2024 04:44:59.366205931 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.366231918 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.366411924 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.366422892 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.366452932 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.366600037 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.366805077 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.366805077 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.366818905 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.366832018 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.822206020 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.822488070 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.822500944 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.822599888 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.822844028 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.822851896 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.823486090 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.823542118 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.823828936 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.823889017 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.823932886 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.823992968 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.824229002 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.824287891 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.824393034 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.824398994 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.824436903 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.824444056 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.872941017 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.873281956 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.949497938 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.949568033 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.949645042 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.949870110 CEST56921443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.949878931 CEST4435692135.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.950783014 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.950812101 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.950962067 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.951025963 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.951045990 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.951065063 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.951253891 CEST56922443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.951258898 CEST4435692235.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.951703072 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.951713085 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.951786995 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.951968908 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.951982975 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:44:59.952209949 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:44:59.952219963 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.413292885 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.413650990 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.413681030 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.413991928 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.414339066 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.414402008 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.414489031 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.433396101 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.433698893 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.433722019 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.434067011 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.434410095 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.434469938 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.434640884 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.456507921 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.466681004 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.476497889 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.541847944 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.541924000 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.542150974 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.542162895 CEST4435692335.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.542175055 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.542197943 CEST56923443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.565967083 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.566028118 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:00.566086054 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.569822073 CEST56924443192.168.2.435.190.80.1
        Sep 1, 2024 04:45:00.569835901 CEST4435692435.190.80.1192.168.2.4
        Sep 1, 2024 04:45:01.077286959 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:01.077311039 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:01.077438116 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:01.077889919 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:01.077903032 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:01.704916954 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:01.705440044 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:01.705456018 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:01.705794096 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:01.706324100 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:01.706389904 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:01.747116089 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:11.609035015 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:11.609097958 CEST44356925142.250.185.132192.168.2.4
        Sep 1, 2024 04:45:11.609282017 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:13.084064960 CEST56925443192.168.2.4142.250.185.132
        Sep 1, 2024 04:45:13.084084034 CEST44356925142.250.185.132192.168.2.4

        UDP Packets

        TimestampSource PortDest PortSource IPDest IP
        Sep 1, 2024 04:43:56.457372904 CEST53523091.1.1.1192.168.2.4
        Sep 1, 2024 04:43:56.612576962 CEST53507271.1.1.1192.168.2.4
        Sep 1, 2024 04:43:57.653331041 CEST53642251.1.1.1192.168.2.4
        Sep 1, 2024 04:43:58.345354080 CEST6036353192.168.2.41.1.1.1
        Sep 1, 2024 04:43:58.345571041 CEST5001753192.168.2.41.1.1.1
        Sep 1, 2024 04:43:58.396198988 CEST53603631.1.1.1192.168.2.4
        Sep 1, 2024 04:43:58.435471058 CEST53500171.1.1.1192.168.2.4
        Sep 1, 2024 04:43:59.348011017 CEST6071453192.168.2.41.1.1.1
        Sep 1, 2024 04:43:59.348350048 CEST6058053192.168.2.41.1.1.1
        Sep 1, 2024 04:43:59.355104923 CEST53607141.1.1.1192.168.2.4
        Sep 1, 2024 04:43:59.355354071 CEST53605801.1.1.1192.168.2.4
        Sep 1, 2024 04:44:01.016005993 CEST6518153192.168.2.41.1.1.1
        Sep 1, 2024 04:44:01.016518116 CEST5276053192.168.2.41.1.1.1
        Sep 1, 2024 04:44:01.022789955 CEST53651811.1.1.1192.168.2.4
        Sep 1, 2024 04:44:01.023035049 CEST53527601.1.1.1192.168.2.4
        Sep 1, 2024 04:44:01.132682085 CEST6509053192.168.2.41.1.1.1
        Sep 1, 2024 04:44:01.132982969 CEST5477353192.168.2.41.1.1.1
        Sep 1, 2024 04:44:01.141247034 CEST53650901.1.1.1192.168.2.4
        Sep 1, 2024 04:44:01.165783882 CEST5946953192.168.2.41.1.1.1
        Sep 1, 2024 04:44:01.168817997 CEST6503453192.168.2.41.1.1.1
        Sep 1, 2024 04:44:01.226161003 CEST53547731.1.1.1192.168.2.4
        Sep 1, 2024 04:44:01.256669044 CEST53650341.1.1.1192.168.2.4
        Sep 1, 2024 04:44:01.432305098 CEST53594691.1.1.1192.168.2.4
        Sep 1, 2024 04:44:02.767354012 CEST5164653192.168.2.41.1.1.1
        Sep 1, 2024 04:44:02.767673969 CEST5841553192.168.2.41.1.1.1
        Sep 1, 2024 04:44:02.819622040 CEST53516461.1.1.1192.168.2.4
        Sep 1, 2024 04:44:02.959989071 CEST53584151.1.1.1192.168.2.4
        Sep 1, 2024 04:44:03.668541908 CEST6229653192.168.2.41.1.1.1
        Sep 1, 2024 04:44:03.674766064 CEST5668153192.168.2.41.1.1.1
        Sep 1, 2024 04:44:03.726604939 CEST53566811.1.1.1192.168.2.4
        Sep 1, 2024 04:44:03.753384113 CEST53622961.1.1.1192.168.2.4
        Sep 1, 2024 04:44:14.721709013 CEST53583691.1.1.1192.168.2.4
        Sep 1, 2024 04:44:16.972270012 CEST138138192.168.2.4192.168.2.255
        Sep 1, 2024 04:44:33.646647930 CEST53643911.1.1.1192.168.2.4
        Sep 1, 2024 04:44:37.691478014 CEST53645741.1.1.1192.168.2.4
        Sep 1, 2024 04:44:56.193959951 CEST53631051.1.1.1192.168.2.4
        Sep 1, 2024 04:44:59.358509064 CEST6198353192.168.2.41.1.1.1
        Sep 1, 2024 04:44:59.359205008 CEST5473353192.168.2.41.1.1.1
        Sep 1, 2024 04:44:59.359205008 CEST5426853192.168.2.41.1.1.1
        Sep 1, 2024 04:44:59.359380960 CEST5943453192.168.2.41.1.1.1
        Sep 1, 2024 04:44:59.365302086 CEST53619831.1.1.1192.168.2.4
        Sep 1, 2024 04:44:59.365652084 CEST53542681.1.1.1192.168.2.4
        Sep 1, 2024 04:44:59.365730047 CEST53547331.1.1.1192.168.2.4
        Sep 1, 2024 04:44:59.365864038 CEST53594341.1.1.1192.168.2.4

        ICMP Packets

        TimestampSource IPDest IPChecksumCodeType
        Sep 1, 2024 04:43:58.436146021 CEST192.168.2.41.1.1.1c232(Port unreachable)Destination Unreachable
        Sep 1, 2024 04:44:01.227912903 CEST192.168.2.41.1.1.1c232(Port unreachable)Destination Unreachable
        Sep 1, 2024 04:44:03.753437042 CEST192.168.2.41.1.1.1c209(Port unreachable)Destination Unreachable

        DNS Queries

        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
        Sep 1, 2024 04:43:58.345354080 CEST192.168.2.41.1.1.10xbf38Standard query (0)mychaseexclusive.ruA (IP address)IN (0x0001)false
        Sep 1, 2024 04:43:58.345571041 CEST192.168.2.41.1.1.10x98fbStandard query (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:43:59.348011017 CEST192.168.2.41.1.1.10x72c9Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
        Sep 1, 2024 04:43:59.348350048 CEST192.168.2.41.1.1.10xf181Standard query (0)a.nel.cloudflare.com65IN (0x0001)false
        Sep 1, 2024 04:44:01.016005993 CEST192.168.2.41.1.1.10x4bc4Standard query (0)www.google.comA (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.016518116 CEST192.168.2.41.1.1.10x35ddStandard query (0)www.google.com65IN (0x0001)false
        Sep 1, 2024 04:44:01.132682085 CEST192.168.2.41.1.1.10x948cStandard query (0)mychaseexclusive.ruA (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.132982969 CEST192.168.2.41.1.1.10xc78bStandard query (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:01.165783882 CEST192.168.2.41.1.1.10xd8b1Standard query (0)mychaseexclusive.ruA (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.168817997 CEST192.168.2.41.1.1.10x3b9eStandard query (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:02.767354012 CEST192.168.2.41.1.1.10xc622Standard query (0)mychaseexclusive.ruA (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:02.767673969 CEST192.168.2.41.1.1.10xfc8fStandard query (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:03.668541908 CEST192.168.2.41.1.1.10x63b9Standard query (0)mychaseexclusive.ruA (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:03.674766064 CEST192.168.2.41.1.1.10xe1b8Standard query (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:59.358509064 CEST192.168.2.41.1.1.10xa816Standard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:59.359205008 CEST192.168.2.41.1.1.10x603cStandard query (0)a.nel.cloudflare.com65IN (0x0001)false
        Sep 1, 2024 04:44:59.359205008 CEST192.168.2.41.1.1.10x3e4eStandard query (0)a.nel.cloudflare.comA (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:59.359380960 CEST192.168.2.41.1.1.10x1571Standard query (0)a.nel.cloudflare.com65IN (0x0001)false

        DNS Answers

        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
        Sep 1, 2024 04:43:58.396198988 CEST1.1.1.1192.168.2.40xbf38No error (0)mychaseexclusive.ru104.21.7.89A (IP address)IN (0x0001)false
        Sep 1, 2024 04:43:58.396198988 CEST1.1.1.1192.168.2.40xbf38No error (0)mychaseexclusive.ru172.67.135.236A (IP address)IN (0x0001)false
        Sep 1, 2024 04:43:58.435471058 CEST1.1.1.1192.168.2.40x98fbNo error (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:43:59.355104923 CEST1.1.1.1192.168.2.40x72c9No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.022789955 CEST1.1.1.1192.168.2.40x4bc4No error (0)www.google.com142.250.185.132A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.023035049 CEST1.1.1.1192.168.2.40x35ddNo error (0)www.google.com65IN (0x0001)false
        Sep 1, 2024 04:44:01.141247034 CEST1.1.1.1192.168.2.40x948cNo error (0)mychaseexclusive.ru172.67.135.236A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.141247034 CEST1.1.1.1192.168.2.40x948cNo error (0)mychaseexclusive.ru104.21.7.89A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.226161003 CEST1.1.1.1192.168.2.40xc78bNo error (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:01.256669044 CEST1.1.1.1192.168.2.40x3b9eNo error (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:01.432305098 CEST1.1.1.1192.168.2.40xd8b1No error (0)mychaseexclusive.ru104.21.7.89A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:01.432305098 CEST1.1.1.1192.168.2.40xd8b1No error (0)mychaseexclusive.ru172.67.135.236A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:02.819622040 CEST1.1.1.1192.168.2.40xc622No error (0)mychaseexclusive.ru104.21.7.89A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:02.819622040 CEST1.1.1.1192.168.2.40xc622No error (0)mychaseexclusive.ru172.67.135.236A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:02.959989071 CEST1.1.1.1192.168.2.40xfc8fNo error (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:03.726604939 CEST1.1.1.1192.168.2.40xe1b8No error (0)mychaseexclusive.ru65IN (0x0001)false
        Sep 1, 2024 04:44:03.753384113 CEST1.1.1.1192.168.2.40x63b9No error (0)mychaseexclusive.ru104.21.7.89A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:03.753384113 CEST1.1.1.1192.168.2.40x63b9No error (0)mychaseexclusive.ru172.67.135.236A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:12.190476894 CEST1.1.1.1192.168.2.40xf6fbNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
        Sep 1, 2024 04:44:12.190476894 CEST1.1.1.1192.168.2.40xf6fbNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:25.411945105 CEST1.1.1.1192.168.2.40x97feNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
        Sep 1, 2024 04:44:25.411945105 CEST1.1.1.1192.168.2.40x97feNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:59.365302086 CEST1.1.1.1192.168.2.40xa816No error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false
        Sep 1, 2024 04:44:59.365652084 CEST1.1.1.1192.168.2.40x3e4eNo error (0)a.nel.cloudflare.com35.190.80.1A (IP address)IN (0x0001)false

        HTTP Request Dependency Graph

        • mychaseexclusive.ru
        • https:
        • a.nel.cloudflare.com
        • fs.microsoft.com

        HTTP Packets

        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        0192.168.2.449748172.67.135.236801860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        Sep 1, 2024 04:44:01.158586979 CEST898OUTGET /case/?token HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        Upgrade-Insecure-Requests: 1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        Sep 1, 2024 04:44:01.636959076 CEST1236INHTTP/1.1 200 OK
        Date: Sun, 01 Sep 2024 02:44:01 GMT
        Content-Type: text/html; charset=UTF-8
        Transfer-Encoding: chunked
        Connection: keep-alive
        X-Frame-Options: SAMEORIGIN
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkbCzxuqEd3dF0DjyuXdfqVMCSs8opu0e01k4yxDkLWU8wXvpYKLZn2UJD7RZRir1TqsJTMrdu6CzXmtmb1KS9jbSDgdwyzw%2BlVzqHnOUoNkn7ZmycXsvQEIInYi8kBwH3TEU6Oj"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Vary: Accept-Encoding
        Server: cloudflare
        CF-RAY: 8bc1ea85ecac437f-EWR
        Content-Encoding: gzip
        Data Raw: 36 66 61 0d 0a 1f 8b 08 00 00 00 00 00 00 03 a5 58 fb 6f e3 36 12 fe dd 7f c5 ac 0a 24 31 10 4a 76 5e 9b da b2 0e bd ac af 08 90 45 d3 6b 72 bd a2 58 04 14 39 92 d9 50 a4 96 a4 5f cd e5 7f 3f 50 0f 47 b6 93 ec 15 87 04 88 48 0e bf 79 70 f8 cd 30 f1 87 4f 3f 5d dd fd 76 3b 85 99 2b 64 d2 8b 3f 10 f2 bb c8 40 3a b8 9e c2 c7 2f 09 c4 7e 01 98 a4 d6 4e 02 a5 c9 1f 16 04 5e 80 96 5c 60 00 92 aa 7c 12 a0 22 f7 bf 04 09 c4 1f 7e 47 c5 45 f6 85 90 17 a8 06 07 e0 75 a8 8f 7f 0d ea f2 1d a8 cb bf 00 95 bb 06 cd 4f bc e6 e5 3e 0a 21 db 48 33 a4 3c e9 c5 4e 38 89 c9 2f 73 5b 22 73 c8 a1 9c 09 3b 13 2a 07 2b 1c c2 7f e0 4a ea 39 cf 24 35 18 47 b5 6c 2f 2e d0 51 60 33 6a 2c ba 49 70 7f f7 0f 72 19 40 d4 2e cc 9c 2b 09 7e 9d 8b c5 24 b8 d2 ca a1 72 e4 6e 5d 62 00 ac 1e 4d 02 87 2b 17 79 9b c7 1b 98 f7 50 fe 4d ee 7f 20 57 ba 28 a9 13 a9 ec 02 5d 4f 27 53 9e 63 67 9f a2 05 4e 02 a3 53 ed 6c 47 50 69 a1 38 ae 8e 41 e9 4c 4b a9 97 7b 5b 16 02 97 a5 36 ae b3 69 29 b8 9b 4d 38 2e 04 43 52 0d 8e 85 12 4e 50 49 2c a3 12 [TRUNCATED]
        Data Ascii: 6faXo6$1Jv^EkrX9P_?PGHyp0O?]v;+d?@:/~N^\`|"~GEuO>!H3<N8/s["s;*+J9$5Gl/.Q`3j,Ipr@.+~$rn]bM+yPM W(]O'ScgNSlGPi8ALK{[6i)M8.CRNPI,'E$n-]O=SY`6"ae!+h7E@Z3LRO5Pqz,Dopa/%=E"Ni(ph*R(!|@nu~s97rsB+8jw,XfstSk~tX*+B.l)&pJk~Gk{72yc.e&H*j,MTp(q*+C
        Sep 1, 2024 04:44:01.637022972 CEST1159INData Raw: 7f cd 7d 60 1f 6a 21 1b 24 b7 12 a9 45 a8 a7 1b 4f 6d 18 47 5c 2c 3a 76 34 16 56 5a 08 47 47 85 f4 77 66 63 dd d6 c2 8e 23 7b ae 58 ac cf a7 e3 32 54 91 9d 04 75 36 11 a7 cb 11 0c 07 83 72 35 6e 66 52 ed 9c 2e 46 27 d5 dc 06 78 0f 9a 69 39 2f 94
        Data Ascii: }`j!$EOmG\,:v4VZGGwfc#{X2Tu6r5nfR.F'xi9/#'&I,:iEp$-wX)esj`"*x}i;pRE"DRhvv@P`xQ`0:~0{N]Vyr7V?RD=1"L(M=5TwQU
        Sep 1, 2024 04:44:02.085066080 CEST817OUTGET /cdn-cgi/styles/cf.errors.css HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: text/css,*/*;q=0.1
        Referer: http://mychaseexclusive.ru/case/?token
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        Sep 1, 2024 04:44:02.200468063 CEST1236INHTTP/1.1 200 OK
        Date: Sun, 01 Sep 2024 02:44:02 GMT
        Content-Type: text/css
        Transfer-Encoding: chunked
        Connection: keep-alive
        Last-Modified: Tue, 27 Aug 2024 19:10:22 GMT
        ETag: W/"66ce249e-5df3"
        Server: cloudflare
        CF-RAY: 8bc1ea895fd3437f-EWR
        X-Frame-Options: DENY
        X-Content-Type-Options: nosniff
        Vary: Accept-Encoding
        Expires: Sun, 01 Sep 2024 04:44:02 GMT
        Cache-Control: max-age=7200
        Cache-Control: public
        Content-Encoding: gzip
        Data Raw: 31 31 61 33 0d 0a 1f 8b 08 00 00 00 00 00 00 03 b5 3c d9 8e e3 ba 72 ef f9 0a e5 0c 06 98 46 5b 3a 5a 2c bb db 46 f6 20 48 1e 92 00 b9 b8 4f c9 c5 01 25 d1 36 cf 48 a2 ae 96 6e f7 18 f3 ef 01 17 49 5c 25 da 33 a7 fb c5 e2 52 1b 8b c5 62 55 49 9f f2 93 ff de 82 a6 81 ad 07 36 9f c4 a7 2c 6b e5 86 b6 47 79 09 e5 b6 0e 15 72 4b 26 3f a1 b3 fc 5c e2 fc eb 5f 07 dc 2b 93 70 f1 21 35 e4 a0 7e 03 9d d2 d4 f4 08 d7 72 1b ac 7b 28 53 99 23 05 76 8e 15 0a 8b 42 7e 84 a5 f2 dc 03 54 ca b8 8b 93 8c b7 40 6f f2 b3 02 a2 97 1e 61 a5 3c 66 50 26 e1 84 60 59 74 b0 57 1a cf 26 96 4f e8 3c b4 32 43 27 8c 55 29 9c 70 2b 23 bd 44 f2 63 2c 3f 26 f2 e3 56 7e 4c e5 c7 9d fc 08 41 a1 60 bf 9c 5b 3c 34 72 53 5f c9 32 42 f2 d3 a9 05 95 cc 15 aa 64 d5 29 41 a6 ac 54 09 cf b0 96 25 59 ca 60 2b d0 7e 95 1b 60 3d 48 0d 35 90 57 12 67 bf c3 5c 5e 08 2c 63 c5 43 df 0c f2 08 99 d5 46 59 1e 59 95 3a 50 c9 c3 3b 98 6b 8b dc 55 a0 94 b1 76 0d 50 86 f4 2d fa 0a d5 26 5c cb 42 eb 86 4c 79 ae 2a d0 7e 28 6d 32 41 3d c8 94 5d de 6b fb b3 [TRUNCATED]
        Data Ascii: 11a3<rF[:Z,F HO%6HnI\%3RbUI6,kGyrK&?\_+p!5~r{(S#vB~T@oa<fP&`YtW&O<2C'U)p+#Dc,?&V~LA`[<4rS_2Bd)AT%Y`+~`=H5Wg\^,cCFYY:P;kUvP-&\BLy*~(m2A=]k[.#YezyHCy@{F!<6(P}>llQO}(?{xD)Jt`j]82Ku&SCm*Qf5%8PK-'?PTh-^d2y5N.!hOj:&Ia~~9N-gIv%7:"&!%dm;*r|Tzx9.q{mjWOBMSBzXmD1gXou?lolj7"Pn:Pw~[tR26W zLFD~m{tD3%6QIM<M}@u@@
        Sep 1, 2024 04:44:02.200486898 CEST224INData Raw: 0b 4d 9d 8c fb 98 b5 dd 32 90 7f 25 a6 a1 2e 0e a1 17 1e 4d 4b ec 67 b8 ef 71 75 88 61 35 b6 f4 b8 21 8f 1a a6 51 53 f8 30 b2 e4 07 30 f4 78 9c d7 52 a9 d1 16 a6 09 af e1 67 9b f6 2b ea 56 a2 ae f7 bb fe a3 84 cc 38 cf 5a 37 eb 94 0d 94 e6 24 48
        Data Ascii: M2%.MKgqua5!QS00xRg+V8Z7$H}zN^`M4*pTbMYa6Wq#eJC~^KjN5atX P?R?'O66q2qm\)?v
        Sep 1, 2024 04:44:02.200565100 CEST1236INData Raw: 6d ae 2e 4b ad ac 6f 68 9b a3 2f 8b bb 38 5d e5 e7 c8 f8 44 33 dd e2 d3 19 c0 37 78 1c 07 b3 8e a6 76 7d 5f d4 b3 b8 7e 4c 5b 96 e6 d9 95 65 69 96 75 cd e3 fa 49 16 04 67 5c 96 c6 1d eb 29 c0 c6 45 f1 18 ff 8b 13 ed 02 58 9c 66 95 00 99 c5 dd 05
        Data Ascii: m.Koh/8]D37xv}_~L[eiuIg\)EXf"eNE1e'WI$IFg,<d9[0H #"C:E6"]lr}\NM#X$&5NW~w/]g*.\nelAia-R(Gi{
        Sep 1, 2024 04:44:02.200573921 CEST224INData Raw: cd 91 93 da 42 c7 e4 d0 08 6d 93 13 ba 4d 89 ef b9 4f 25 50 46 f7 4f e8 bf d3 9b 9c fc c6 9f e8 25 ea 5e a8 be ba 86 7d cf 7d 62 bd 63 5c e9 d1 12 88 46 ee dc 82 0f 03 74 7d 47 72 e8 7a c7 04 9d ef 2e c9 84 72 1f c4 e8 77 92 65 7e 19 3d ce ed 7e
        Data Ascii: BmMO%PFO%^}}bc\Ft}Grz.rwe~=~&z6A*c1R@09J#Ela'T++7WwHC,5i[-tT/]6=@5_`5WU=xc3Vu7;fdm
        Sep 1, 2024 04:44:02.200587988 CEST1236INData Raw: ee 64 a3 a6 2a d2 68 5b 68 5c df 63 b9 47 cd 72 9b f9 5b de d4 13 c5 07 58 35 fd 5c f5 68 4c 83 d1 81 f4 57 5e e2 0e de 34 5e 74 37 c2 50 8d fa c2 12 7d 92 3d 5e 2c b1 63 79 15 7f 9c c8 72 0b 2b b4 d9 bc 0f 3d 22 61 ba 92 49 b4 9b 51 d9 ee 06 ac
        Data Ascii: d*h[h\cGr[X5\hLW^4^t7P}=^,cyr+="aIQE):JN{@~mN^Ac-Q}kQ'X]iI<Jn`>%hY* yQ*p%>MwK^6?n!'2Kg#jg=
        Sep 1, 2024 04:44:02.200599909 CEST820INData Raw: 52 1b 99 81 56 8b 7d 4f ae 10 73 4b 49 3e fd 32 c5 3c a9 3b 22 26 d8 ad 2a 45 54 38 4d 26 b5 78 a5 9e b1 7c 69 23 d1 0b f7 08 86 89 4f da 51 63 a1 6f 8d 73 75 3c cd a3 a8 3e a0 f1 80 8a d2 97 d1 31 89 d3 cf 62 c1 9f bf 7f 75 2b d3 20 22 99 7c ec
        Data Ascii: RV}OsKI>2<;"&*ET8M&x|i#OQcosu<>1bu+ "|hLc'h8g4cZ~u:WitgAR5`\su:w@64u5^^w4Zl0HinUM$q`|zBx(\t9
        Sep 1, 2024 04:44:02.523891926 CEST898OUTGET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
        Referer: http://mychaseexclusive.ru/cdn-cgi/styles/cf.errors.css
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        Sep 1, 2024 04:44:02.624856949 CEST889INHTTP/1.1 200 OK
        Date: Sun, 01 Sep 2024 02:44:02 GMT
        Content-Type: image/png
        Content-Length: 452
        Connection: keep-alive
        Last-Modified: Tue, 27 Aug 2024 19:10:22 GMT
        ETag: "66ce249e-1c4"
        Server: cloudflare
        CF-RAY: 8bc1ea8c1a84437f-EWR
        X-Frame-Options: DENY
        X-Content-Type-Options: nosniff
        Vary: Accept-Encoding
        Expires: Sun, 01 Sep 2024 04:44:02 GMT
        Cache-Control: max-age=7200
        Cache-Control: public
        Accept-Ranges: bytes
        Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65 6e 56 e5 bc 2e ab 97 a9 21 01 d4 e1 2c 03 9b 86 b3 19 c8 e3 99 80 45 0d a5 9f 05 a8 17 b2 09 74 21 5b 48 57 b2 42 e8 67 f1 52 e6 5c 5e af 65 fa af 6f 2b a0 16 bb 96 a9 9f dd a0 a8 25 f0 26 2d 6a d9 e1 a6 71 11 ee 1a 66 40 d2 b0 05 6f e7 ec e1 5d f3 [TRUNCATED]
        Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~|:t5mfpi/e%%nPenV.!,Et![HWBgR\^eo+%&-jqf@o] u0x2K+C8ULY[=yotF]MU,4a>/)C3gNIi.R=Q7KIENDB`
        Sep 1, 2024 04:44:02.652193069 CEST846OUTGET /favicon.ico HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
        Referer: http://mychaseexclusive.ru/case/?token
        Accept-Encoding: gzip, deflate
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        Sep 1, 2024 04:44:02.757481098 CEST858INHTTP/1.1 301 Moved Permanently
        Date: Sun, 01 Sep 2024 02:44:02 GMT
        Content-Type: text/html
        Content-Length: 167
        Connection: keep-alive
        Cache-Control: max-age=3600
        Expires: Sun, 01 Sep 2024 03:44:02 GMT
        Location: https://mychaseexclusive.ru/favicon.ico
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWW0JHUSHbK9y8YVsU7BsECPSuP%2BrOFYXUAbYVjJhlPRJ9UaB3uhk3OEOcws2Lx1tyYjlpc4pXmHNVTiJMtHNNL53Kplj9rlDIkEL%2FjXDP1A2eau6oNd8wi3l0HwOcQY4E0LrEF%2F"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Vary: Accept-Encoding
        Server: cloudflare
        CF-RAY: 8bc1ea8ceb5c437f-EWR
        alt-svc: h3=":443"; ma=86400
        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
        Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>cloudflare</center></body></html>
        Sep 1, 2024 04:44:47.762552023 CEST6OUTData Raw: 00
        Data Ascii:


        HTTPS Proxied Packets

        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        0192.168.2.449735104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:43:58 UTC672OUTGET /case?token HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
        sec-ch-ua-mobile: ?0
        sec-ch-ua-platform: "Windows"
        Upgrade-Insecure-Requests: 1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
        Sec-Fetch-Site: none
        Sec-Fetch-Mode: navigate
        Sec-Fetch-User: ?1
        Sec-Fetch-Dest: document
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:43:59 UTC1364INHTTP/1.1 503 Service Temporarily Unavailable
        Date: Sun, 01 Sep 2024 02:43:59 GMT
        Content-Type: text/html; charset=utf-8
        Transfer-Encoding: chunked
        Connection: close
        X-Content-Type-Options: nosniff
        X-Content-Type-Options: nosniff
        X-XSS-Protection: 1; mode=block
        X-XSS-Protection: 1; mode=block
        Set-Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; path=/; expires=Mon, 02-Sep-24 02:43:56 GMT; Max-Age=86400;
        Set-Cookie: vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; path=/; expires=Mon, 02-Sep-24 02:43:56 GMT; Max-Age=86400;
        Set-Cookie: rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; path=/; expires=Mon, 02-Sep-24 02:43:56 GMT; Max-Age=86400;
        Set-Cookie: wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; path=/; expires=Mon, 02-Sep-24 02:43:56 GMT; Max-Age=86400;
        Set-Cookie: NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; path=/; expires=Mon, 02-Sep-24 02:43:56 GMT; Max-Age=86400;
        X-Frame-Options: SAMEORIGIN
        Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
        Pragma: no-cache
        Expires: 0
        CF-Cache-Status: DYNAMIC
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxlO9UktNCk1WpZt%2FRaLyVhjO9TyCiJJCa50qqChPRe%2FipDkm8B8exLp0dwMNty1umuPXK0xfftqKtHo3qa6HzvRCxRh9%2F%2FOS1KcFW1ypy33u3haqq%2FnV0XK4JvezsmF9UfwpJIU"}],"group":"cf-nel","max_age":604800}
        2024-09-01 02:43:59 UTC149INData Raw: 4e 45 4c 3a 20 7b 22 73 75 63 63 65 73 73 5f 66 72 61 63 74 69 6f 6e 22 3a 30 2c 22 72 65 70 6f 72 74 5f 74 6f 22 3a 22 63 66 2d 6e 65 6c 22 2c 22 6d 61 78 5f 61 67 65 22 3a 36 30 34 38 30 30 7d 0d 0a 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 43 46 2d 52 41 59 3a 20 38 62 63 31 65 61 37 35 37 61 65 32 34 33 37 66 2d 45 57 52 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a
        Data Ascii: NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8bc1ea757ae2437f-EWRalt-svc: h3=":443"; ma=86400
        2024-09-01 02:43:59 UTC1369INData Raw: 31 63 64 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 20 2f 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d
        Data Ascii: 1cd7<!DOCTYPE html><html><head><meta charset="utf-8" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" /><meta name="viewport" content="width=device-width, initial-
        2024-09-01 02:43:59 UTC1369INData Raw: 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 76 4c 32 70 68 64 6d 46 7a 59 33 4a 70 63 48 51 67 63 48 56 36 65 6d 78 6c 49 47 5a 76 63 69 42 69 63 6d 39 33 63 32 56 79 49 48 52 76 49 47 5a 70 5a 33 56 79 5a 53 42 76 64 58 51 67 64 47 38 67 5a 32 56 30 49 47 46 75 63 33 64 6c 63 67 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 70 5a 69 67 68 64 32 6c 75 5a 47 39 33 4c 6c 39 77 61 47 46 75 64 47 39 74 49 48 78 38 49 43 46 33 61 57 35 6b 62 33 63 75 59 32 46 73 62 46 42 6f 59 57 35 30 62 32 30 70 65 79 38 71 63 47 68 68 62 6e 52 76 62 57 70 7a 4b 69 38 4b 61 57 59 6f 49 58 64 70 62 6d 52 76 64 79 35 66 58 33 42 6f 59 57 35 30 62 32 31 68 63 79 6c 37 4c
        Data Ascii: ogICAgICAgICAgICAgICAgICAgICAgICAvL2phdmFzY3JpcHQgcHV6emxlIGZvciBicm93c2VyIHRvIGZpZ3VyZSBvdXQgdG8gZ2V0IGFuc3dlcgogICAgICAgICAgICAgICAgICAgICAgICBpZighd2luZG93Ll9waGFudG9tIHx8ICF3aW5kb3cuY2FsbFBoYW50b20pey8qcGhhbnRvbWpzKi8KaWYoIXdpbmRvdy5fX3BoYW50b21hcyl7L
        2024-09-01 02:43:59 UTC1369INData Raw: 67 49 43 41 67 49 43 41 76 4c 32 56 75 5a 43 42 71 59 58 5a 68 63 32 4e 79 61 58 42 30 49 48 42 31 65 6e 70 73 5a 51 6f 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 32 59 58 49 67 65 47 68 30 64 48 41 67 50 53 42 75 5a 58 63 67 57 45 31 4d 53 48 52 30 63 46 4a 6c 63 58 56 6c 63 33 51 6f 4b 54 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 65 47 68 30 64 48 41 75 62 32 35 79 5a 57 46 6b 65 58 4e 30 59 58 52 6c 59 32 68 68 62 6d 64 6c 49 44 30 67 5a 6e 56 75 59 33 52 70 62 32 34 6f 4b 53 42 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 61 57 59 67 4b 48 68 6f 64 48
        Data Ascii: gICAgICAvL2VuZCBqYXZhc2NyaXB0IHB1enpsZQogICAgICAgICAgICAgICAgICAgICAgICB2YXIgeGh0dHAgPSBuZXcgWE1MSHR0cFJlcXVlc3QoKTsKICAgICAgICAgICAgICAgICAgICAgICAgeGh0dHAub25yZWFkeXN0YXRlY2hhbmdlID0gZnVuY3Rpb24oKSB7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHhodH
        2024-09-01 02:43:59 UTC1369INData Raw: 62 48 4e 6c 49 48 73 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 33 61 57 35 6b 62 33 63 75 62 47 39 6a 59 58 52 70 62 32 34 75 63 6d 56 73 62 32 46 6b 4b 43 6b 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 39 43 6e 30 4b 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 42 39 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 43 41 67 49 48 30 37 43 69 41 67 49 43 41 67 49 43 41 67 49 43 41
        Data Ascii: bHNlIHsKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB3aW5kb3cubG9jYXRpb24ucmVsb2FkKCk7CiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9Cn0KICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgICAgICAgIH07CiAgICAgICAgICA
        2024-09-01 02:43:59 UTC1369INData Raw: 6d 68 6c 61 57 64 6f 64 44 73 4b 64 33 63 67 50 53 42 33 61 57 35 6b 62 33 63 75 61 57 35 75 5a 58 4a 58 61 57 52 30 61 43 42 38 66 43 42 6b 62 32 4e 31 62 57 56 75 64 43 35 6b 62 32 4e 31 62 57 56 75 64 45 56 73 5a 57 31 6c 62 6e 51 75 59 32 78 70 5a 57 35 30 56 32 6c 6b 64 47 67 67 66 48 77 67 5a 47 39 6a 64 57 31 6c 62 6e 51 75 59 6d 39 6b 65 53 35 6a 62 47 6c 6c 62 6e 52 58 61 57 52 30 61 43 42 38 66 43 41 77 4f 77 70 33 61 43 41 39 49 48 64 70 62 6d 52 76 64 79 35 70 62 6d 35 6c 63 6b 68 6c 61 57 64 6f 64 43 42 38 66 43 42 6b 62 32 4e 31 62 57 56 75 64 43 35 6b 62 32 4e 31 62 57 56 75 64 45 56 73 5a 57 31 6c 62 6e 51 75 59 32 78 70 5a 57 35 30 53 47 56 70 5a 32 68 30 49 48 78 38 49 47 52 76 59 33 56 74 5a 57 35 30 4c 6d 4a 76 5a 48 6b 75 59 32 78 70
        Data Ascii: mhlaWdodDsKd3cgPSB3aW5kb3cuaW5uZXJXaWR0aCB8fCBkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuY2xpZW50V2lkdGggfHwgZG9jdW1lbnQuYm9keS5jbGllbnRXaWR0aCB8fCAwOwp3aCA9IHdpbmRvdy5pbm5lckhlaWdodCB8fCBkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuY2xpZW50SGVpZ2h0IHx8IGRvY3VtZW50LmJvZHkuY2xp
        2024-09-01 02:43:59 UTC546INData Raw: 64 43 68 69 6c 64 28 64 29 7d 7d 69 66 28 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 29 7b 76 61 72 20 61 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 27 69 66 72 61 6d 65 27 29 3b 61 2e 68 65 69 67 68 74 3d 31 3b 61 2e 77 69 64 74 68 3d 31 3b 61 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 27 61 62 73 6f 6c 75 74 65 27 3b 61 2e 73 74 79 6c 65 2e 74 6f 70 3d 30 3b 61 2e 73 74 79 6c 65 2e 6c 65 66 74 3d 30 3b 61 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 3d 27 6e 6f 6e 65 27 3b 61 2e 73 74 79 6c 65 2e 76 69 73 69 62 69 6c 69 74 79 3d 27 68 69 64 64 65 6e 27 3b 64 6f 63 75 6d 65 6e 74 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 61 29 3b 69 66 28 27 6c 6f 61 64 69 6e 67 27 21 3d 3d 64 6f 63 75 6d 65 6e 74 2e 72 65 61 64 79 53
        Data Ascii: dChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyS
        2024-09-01 02:43:59 UTC5INData Raw: 30 0d 0a 0d 0a
        Data Ascii: 0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        1192.168.2.449736104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:43:59 UTC1187OUTPOST /case?token HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        Content-Length: 22
        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
        X-Requested-TimeStamp-Expire:
        sec-ch-ua-mobile: ?0
        X-Requested-TimeStamp-Combination:
        X-Requested-Type-Combination: GET
        Content-type: application/x-www-form-urlencoded
        X-Requested-Type: GET
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        ZaOHwFApya53RTC4BTqa5t59QUs: 50322854
        X-Requested-with: XMLHttpRequest
        X-Requested-TimeStamp:
        sec-ch-ua-platform: "Windows"
        Accept: */*
        Origin: https://mychaseexclusive.ru
        Sec-Fetch-Site: same-origin
        Sec-Fetch-Mode: cors
        Sec-Fetch-Dest: empty
        Referer: https://mychaseexclusive.ru/case?token
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y
        2024-09-01 02:43:59 UTC22OUTData Raw: 6e 61 6d 65 31 3d 48 65 6e 72 79 26 6e 61 6d 65 32 3d 46 6f 72 64
        Data Ascii: name1=Henry&name2=Ford
        2024-09-01 02:43:59 UTC1292INHTTP/1.1 204 No Content
        Date: Sun, 01 Sep 2024 02:43:59 GMT
        Connection: close
        X-Content-Type-Options: nosniff
        X-Content-Type-Options: nosniff
        X-XSS-Protection: 1; mode=block
        X-XSS-Protection: 1; mode=block
        Set-Cookie: kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; path=/; expires=Mon, 02-Sep-24 02:43:59 GMT; Max-Age=86400;
        Set-Cookie: gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; path=/; expires=Mon, 02-Sep-24 02:43:59 GMT; Max-Age=86400;
        Set-Cookie: Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; path=/; expires=Mon, 02-Sep-24 02:43:59 GMT; Max-Age=86400;
        Set-Cookie: Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE; path=/; expires=Mon, 02-Sep-24 02:43:59 GMT; Max-Age=86400;
        X-Frame-Options: SAMEORIGIN
        Cache-Control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
        Pragma: no-cache
        Expires: 0
        CF-Cache-Status: DYNAMIC
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsU1%2BaAsMhe6Mx%2BpdMZV4dLzPv%2BXF9fSD5XYZ8cQF3Yj6VHoKfyNqBaAVj2FYkRX2lI40UKLVaEZRDfWvwy8vD3DTRx1c5k85uQEGAUG7jQuJEzRZxHLvFK%2Fmea4QekMxQGjo0np"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea789d9e7ce4-EWR
        alt-svc: h3=":443"; ma=86400


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        2192.168.2.44973935.190.80.14431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:43:59 UTC546OUTOPTIONS /report/v4?s=rxlO9UktNCk1WpZt%2FRaLyVhjO9TyCiJJCa50qqChPRe%2FipDkm8B8exLp0dwMNty1umuPXK0xfftqKtHo3qa6HzvRCxRh9%2F%2FOS1KcFW1ypy33u3haqq%2FnV0XK4JvezsmF9UfwpJIU HTTP/1.1
        Host: a.nel.cloudflare.com
        Connection: keep-alive
        Origin: https://mychaseexclusive.ru
        Access-Control-Request-Method: POST
        Access-Control-Request-Headers: content-type
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:43:59 UTC336INHTTP/1.1 200 OK
        Content-Length: 0
        access-control-max-age: 86400
        access-control-allow-methods: OPTIONS, POST
        access-control-allow-origin: *
        access-control-allow-headers: content-type, content-length
        date: Sun, 01 Sep 2024 02:43:59 GMT
        Via: 1.1 google
        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        Connection: close


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        3192.168.2.449740104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:43:59 UTC846OUTGET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
        sec-ch-ua-mobile: ?0
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        sec-ch-ua-platform: "Windows"
        Accept: */*
        Sec-Fetch-Site: same-origin
        Sec-Fetch-Mode: no-cors
        Sec-Fetch-Dest: script
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y
        2024-09-01 02:44:00 UTC703INHTTP/1.1 302 Found
        Date: Sun, 01 Sep 2024 02:43:59 GMT
        Content-Length: 0
        Connection: close
        location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js?
        cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
        access-control-allow-origin: *
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2Fsp64ixzcijodKx6IEfof5mkjUw%2Bh3rYlnaxRpknt0mClz37Qt197Zot4QyuTpWfgz7V6dk%2Bc2DSa2T0dQiKPpIrsaQoOHTmYihhtTEvdNyLvaDch%2BP1AbstZh4l64u1XdAIDyt"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea7bbc288c9c-EWR
        alt-svc: h3=":443"; ma=86400


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        4192.168.2.44974435.190.80.14431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:00 UTC484OUTPOST /report/v4?s=rxlO9UktNCk1WpZt%2FRaLyVhjO9TyCiJJCa50qqChPRe%2FipDkm8B8exLp0dwMNty1umuPXK0xfftqKtHo3qa6HzvRCxRh9%2F%2FOS1KcFW1ypy33u3haqq%2FnV0XK4JvezsmF9UfwpJIU HTTP/1.1
        Host: a.nel.cloudflare.com
        Connection: keep-alive
        Content-Length: 397
        Content-Type: application/reports+json
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:44:00 UTC397OUTData Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 39 38 39 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 37 2e 38 39 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 35 30 33 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 6d 79 63 68 61 73 65 65 78 63 6c 75 73 69 76 65 2e 72
        Data Ascii: [{"age":0,"body":{"elapsed_time":989,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.21.7.89","status_code":503,"type":"http.error"},"type":"network-error","url":"https://mychaseexclusive.r
        2024-09-01 02:44:00 UTC168INHTTP/1.1 200 OK
        Content-Length: 0
        date: Sun, 01 Sep 2024 02:44:00 GMT
        Via: 1.1 google
        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        Connection: close


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        5192.168.2.449743104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:00 UTC1161OUTGET /case?token HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
        sec-ch-ua-mobile: ?0
        sec-ch-ua-platform: "Windows"
        Upgrade-Insecure-Requests: 1
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
        Sec-Fetch-Site: same-origin
        Sec-Fetch-Mode: navigate
        Sec-Fetch-Dest: document
        Referer: https://mychaseexclusive.ru/case?token
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        2024-09-01 02:44:01 UTC784INHTTP/1.1 301 Moved Permanently
        Date: Sun, 01 Sep 2024 02:44:01 GMT
        Content-Type: text/html; charset=iso-8859-1
        Transfer-Encoding: chunked
        Connection: close
        X-Content-Type-Options: nosniff
        X-Content-Type-Options: nosniff
        X-XSS-Protection: 1; mode=block
        X-XSS-Protection: 1; mode=block
        Location: http://mychaseexclusive.ru/case/?token
        CF-Cache-Status: DYNAMIC
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lmhDEn%2F5FAQJNDXlwqPkmZXJBfPfK3eFvgWlq5eaee2g2QDLljb%2B3Sw%2BsFeTGVgHFXyCxbQzOq71rXEdGkWbdJGxRA4ICFngfttU3PFC4Hxdgm5wvJ%2B%2FEiFtSMrezsVZq%2Ffekk3"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea7f18d97d0c-EWR
        alt-svc: h3=":443"; ma=86400
        2024-09-01 02:44:01 UTC253INData Raw: 66 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6d 79 63 68 61 73 65 65 78 63 6c 75 73 69 76 65 2e 72 75 2f 63 61 73 65 2f 3f 74 6f 6b 65 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0d 0a
        Data Ascii: f7<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://mychaseexclusive.ru/case/?token">here</a>.</p></body></html>
        2024-09-01 02:44:01 UTC5INData Raw: 30 0d 0a 0d 0a
        Data Ascii: 0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        6192.168.2.449745104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:00 UTC1001OUTGET /cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js? HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
        sec-ch-ua-mobile: ?0
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        sec-ch-ua-platform: "Windows"
        Accept: */*
        Sec-Fetch-Site: same-origin
        Sec-Fetch-Mode: no-cors
        Sec-Fetch-Dest: script
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        2024-09-01 02:44:00 UTC678INHTTP/1.1 200 OK
        Date: Sun, 01 Sep 2024 02:44:00 GMT
        Content-Type: application/javascript; charset=UTF-8
        Content-Length: 7847
        Connection: close
        cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
        x-content-type-options: nosniff
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p50SaPAQiO8zU261VV8yF7Qo5mB6mytDMwinSaXz8cn2JqXRcd5Mfooa%2FY0rqKkVaE3KzmnhKFZeQNKtncf4LNC13RLi9ztUdtuMDOkFqAzKFcPLKgZzsu1sS%2FJvf5wCZNzvetvG"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea80cba7425f-EWR
        alt-svc: h3=":443"; ma=86400
        2024-09-01 02:44:00 UTC691INData Raw: 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 3d 7b 63 46 50 57 76 3a 27 67 27 7d 3b 7e 66 75 6e 63 74 69 6f 6e 28 56 2c 67 2c 68 2c 69 2c 6a 2c 6b 2c 6f 2c 73 29 7b 56 3d 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 65 2c 55 2c 66 2c 43 29 7b 66 6f 72 28 55 3d 62 2c 66 3d 63 28 29 3b 21 21 5b 5d 3b 29 74 72 79 7b 69 66 28 43 3d 2d 70 61 72 73 65 49 6e 74 28 55 28 32 37 39 29 29 2f 31 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 31 39 36 29 29 2f 32 2b 70 61 72 73 65 49 6e 74 28 55 28 32 33 34 29 29 2f 33 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 32 33 36 29 29 2f 34 2a 28 2d 70 61 72 73 65 49 6e 74 28 55 28 32 35 34 29 29 2f 35 29 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 32 34 35 29 29 2f 36 2a 28 70 61 72 73 65 49 6e 74 28 55 28 32 38 38 29 29 2f 37 29 2b 2d 70
        Data Ascii: window._cf_chl_opt={cFPWv:'g'};~function(V,g,h,i,j,k,o,s){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(279))/1+-parseInt(U(196))/2+parseInt(U(234))/3+-parseInt(U(236))/4*(-parseInt(U(254))/5)+-parseInt(U(245))/6*(parseInt(U(288))/7)+-p
        2024-09-01 02:44:00 UTC1369INData Raw: 30 2c 51 3d 30 3b 51 3c 44 5b 59 28 32 36 31 29 5d 3b 51 2b 3d 31 29 69 66 28 52 3d 44 5b 59 28 32 32 34 29 5d 28 51 29 2c 4f 62 6a 65 63 74 5b 59 28 32 38 30 29 5d 5b 59 28 32 37 36 29 5d 5b 59 28 32 35 39 29 5d 28 48 2c 52 29 7c 7c 28 48 5b 52 5d 3d 4c 2b 2b 2c 49 5b 52 5d 3d 21 30 29 2c 53 3d 4a 2b 52 2c 4f 62 6a 65 63 74 5b 59 28 32 38 30 29 5d 5b 59 28 32 37 36 29 5d 5b 59 28 32 35 39 29 5d 28 48 2c 53 29 29 4a 3d 53 3b 65 6c 73 65 7b 69 66 28 4f 62 6a 65 63 74 5b 59 28 32 38 30 29 5d 5b 59 28 32 37 36 29 5d 5b 59 28 32 35 39 29 5d 28 49 2c 4a 29 29 7b 69 66 28 32 35 36 3e 4a 5b 59 28 32 31 33 29 5d 28 30 29 29 7b 66 6f 72 28 47 3d 30 3b 47 3c 4d 3b 4f 3c 3c 3d 31 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 59 28 32 38 34 29 5d 28 46 28 4f 29 29 2c
        Data Ascii: 0,Q=0;Q<D[Y(261)];Q+=1)if(R=D[Y(224)](Q),Object[Y(280)][Y(276)][Y(259)](H,R)||(H[R]=L++,I[R]=!0),S=J+R,Object[Y(280)][Y(276)][Y(259)](H,S))J=S;else{if(Object[Y(280)][Y(276)][Y(259)](I,J)){if(256>J[Y(213)](0)){for(G=0;G<M;O<<=1,P==E-1?(P=0,N[Y(284)](F(O)),
        2024-09-01 02:44:00 UTC1369INData Raw: 32 38 34 29 5d 28 46 28 4f 29 29 3b 62 72 65 61 6b 7d 65 6c 73 65 20 50 2b 2b 3b 72 65 74 75 72 6e 20 4e 5b 59 28 31 39 34 29 5d 28 27 27 29 7d 2c 27 6a 27 3a 66 75 6e 63 74 69 6f 6e 28 44 2c 5a 29 7b 72 65 74 75 72 6e 20 5a 3d 57 2c 44 3d 3d 6e 75 6c 6c 3f 27 27 3a 27 27 3d 3d 44 3f 6e 75 6c 6c 3a 66 2e 69 28 44 5b 5a 28 32 36 31 29 5d 2c 33 32 37 36 38 2c 66 75 6e 63 74 69 6f 6e 28 45 2c 61 30 29 7b 72 65 74 75 72 6e 20 61 30 3d 5a 2c 44 5b 61 30 28 32 31 33 29 5d 28 45 29 7d 29 7d 2c 27 69 27 3a 66 75 6e 63 74 69 6f 6e 28 44 2c 45 2c 46 2c 61 31 2c 47 2c 48 2c 49 2c 4a 2c 4b 2c 4c 2c 4d 2c 4e 2c 4f 2c 50 2c 51 2c 52 2c 54 2c 53 29 7b 66 6f 72 28 61 31 3d 57 2c 47 3d 5b 5d 2c 48 3d 34 2c 49 3d 34 2c 4a 3d 33 2c 4b 3d 5b 5d 2c 4e 3d 46 28 30 29 2c 4f 3d
        Data Ascii: 284)](F(O));break}else P++;return N[Y(194)]('')},'j':function(D,Z){return Z=W,D==null?'':''==D?null:f.i(D[Z(261)],32768,function(E,a0){return a0=Z,D[a0(213)](E)})},'i':function(D,E,F,a1,G,H,I,J,K,L,M,N,O,P,Q,R,T,S){for(a1=W,G=[],H=4,I=4,J=3,K=[],N=F(0),O=
        2024-09-01 02:44:00 UTC1369INData Raw: 3d 66 75 6e 63 74 69 6f 6e 28 43 2c 44 2c 45 2c 46 2c 61 36 2c 48 2c 49 2c 4a 2c 4b 2c 4c 2c 4d 29 7b 69 66 28 61 36 3d 56 2c 6e 75 6c 6c 3d 3d 3d 44 7c 7c 44 3d 3d 3d 76 6f 69 64 20 30 29 72 65 74 75 72 6e 20 46 3b 66 6f 72 28 48 3d 6e 28 44 29 2c 43 5b 61 36 28 32 33 38 29 5d 5b 61 36 28 31 38 36 29 5d 26 26 28 48 3d 48 5b 61 36 28 32 38 32 29 5d 28 43 5b 61 36 28 32 33 38 29 5d 5b 61 36 28 31 38 36 29 5d 28 44 29 29 29 2c 48 3d 43 5b 61 36 28 32 31 35 29 5d 5b 61 36 28 31 39 37 29 5d 26 26 43 5b 61 36 28 32 32 31 29 5d 3f 43 5b 61 36 28 32 31 35 29 5d 5b 61 36 28 31 39 37 29 5d 28 6e 65 77 20 43 5b 28 61 36 28 32 32 31 29 29 5d 28 48 29 29 3a 66 75 6e 63 74 69 6f 6e 28 4e 2c 61 37 2c 4f 29 7b 66 6f 72 28 61 37 3d 61 36 2c 4e 5b 61 37 28 32 31 38 29 5d
        Data Ascii: =function(C,D,E,F,a6,H,I,J,K,L,M){if(a6=V,null===D||D===void 0)return F;for(H=n(D),C[a6(238)][a6(186)]&&(H=H[a6(282)](C[a6(238)][a6(186)](D))),H=C[a6(215)][a6(197)]&&C[a6(221)]?C[a6(215)][a6(197)](new C[(a6(221))](H)):function(N,a7,O){for(a7=a6,N[a7(218)]
        2024-09-01 02:44:00 UTC1369INData Raw: 29 5b 61 32 28 32 33 31 29 5d 28 61 32 28 32 34 31 29 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 39 2c 43 2c 44 2c 45 2c 46 2c 47 29 7b 61 39 3d 56 3b 74 72 79 7b 72 65 74 75 72 6e 20 43 3d 68 5b 61 39 28 32 37 30 29 5d 28 61 39 28 32 33 30 29 29 2c 43 5b 61 39 28 32 35 33 29 5d 3d 61 39 28 32 31 36 29 2c 43 5b 61 39 28 32 31 32 29 5d 3d 27 2d 31 27 2c 68 5b 61 39 28 32 34 39 29 5d 5b 61 39 28 32 36 36 29 5d 28 43 29 2c 44 3d 43 5b 61 39 28 31 38 37 29 5d 2c 45 3d 7b 7d 2c 45 3d 77 62 4a 4c 37 28 44 2c 44 2c 27 27 2c 45 29 2c 45 3d 77 62 4a 4c 37 28 44 2c 44 5b 61 39 28 32 32 35 29 5d 7c 7c 44 5b 61 39 28 32 36 33 29 5d 2c 27 6e 2e 27 2c 45 29 2c 45 3d 77 62 4a 4c 37 28 44 2c 43 5b 61 39 28 32 33 33 29 5d 2c 27 64 2e 27 2c 45 29 2c 68 5b 61 39 28 32 34 39
        Data Ascii: )[a2(231)](a2(241))}function v(a9,C,D,E,F,G){a9=V;try{return C=h[a9(270)](a9(230)),C[a9(253)]=a9(216),C[a9(212)]='-1',h[a9(249)][a9(266)](C),D=C[a9(187)],E={},E=wbJL7(D,D,'',E),E=wbJL7(D,D[a9(225)]||D[a9(263)],'n.',E),E=wbJL7(D,C[a9(233)],'d.',E),h[a9(249
        2024-09-01 02:44:00 UTC1369INData Raw: 6d 76 35 3b 61 62 66 4b 35 3b 74 6b 4d 5a 4d 36 3b 77 62 4a 4c 37 3b 4f 50 49 48 6a 30 3b 63 66 6c 55 34 2c 63 46 50 57 76 2c 6e 75 6d 62 65 72 2c 73 74 79 6c 65 2c 32 32 35 6d 67 58 52 6a 43 2c 70 6f 77 2c 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 2c 73 65 6e 64 2c 73 65 74 52 65 71 75 65 73 74 48 65 61 64 65 72 2c 63 61 6c 6c 2c 34 38 57 79 53 7a 51 61 2c 6c 65 6e 67 74 68 2c 77 62 4a 4c 37 2c 6e 61 76 69 67 61 74 6f 72 2c 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 2c 6d 61 70 2c 61 70 70 65 6e 64 43 68 69 6c 64 2c 43 6f 6e 74 65 6e 74 2d 74 79 70 65 2c 73 70 6c 69 63 65 2c 30 2e 34 35 37 30 38 30 39 36 39 35 36 34 34 33 33 35 3a 31 37 32 35 31 35 36 35 36 35 3a 64 56 6a 34 77 72 66 39 4d 71 54 51 4e 78 69 30 30 68 51 39 54 2d 45 49 42 77 64
        Data Ascii: mv5;abfK5;tkMZM6;wbJL7;OPIHj0;cflU4,cFPWv,number,style,225mgXRjC,pow,getPrototypeOf,send,setRequestHeader,call,48WySzQa,length,wbJL7,navigator,onreadystatechange,map,appendChild,Content-type,splice,0.4570809695644335:1725156565:dVj4wrf9MqTQNxi00hQ9T-EIBwd
        2024-09-01 02:44:00 UTC311INData Raw: 61 65 2c 21 65 29 26 26 28 65 3d 21 21 5b 5d 2c 44 3d 76 28 29 2c 7a 28 63 2e 72 2c 44 2e 72 29 2c 44 2e 65 26 26 41 28 61 66 28 32 37 32 29 2c 44 2e 65 2c 61 66 28 31 39 32 29 29 29 7d 2c 68 5b 61 65 28 32 31 39 29 5d 21 3d 3d 61 65 28 32 30 34 29 29 3f 66 28 29 3a 67 5b 61 65 28 32 30 32 29 5d 3f 68 5b 61 65 28 32 30 32 29 5d 28 61 65 28 32 37 34 29 2c 66 29 3a 28 43 3d 68 5b 61 65 28 32 36 34 29 5d 7c 7c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 2c 68 5b 61 65 28 32 36 34 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 61 67 29 7b 61 67 3d 61 65 2c 43 28 29 2c 68 5b 61 67 28 32 31 39 29 5d 21 3d 3d 61 67 28 32 30 34 29 26 26 28 68 5b 61 67 28 32 36 34 29 5d 3d 43 2c 66 28 29 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 62 28 63 2c 64 2c 65 29 7b 72 65 74 75 72 6e 20 65 3d 61
        Data Ascii: ae,!e)&&(e=!![],D=v(),z(c.r,D.r),D.e&&A(af(272),D.e,af(192)))},h[ae(219)]!==ae(204))?f():g[ae(202)]?h[ae(202)](ae(274),f):(C=h[ae(264)]||function(){},h[ae(264)]=function(ag){ag=ae,C(),h[ag(219)]!==ag(204)&&(h[ag(264)]=C,f())})}function b(c,d,e){return e=a


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        7192.168.2.449746104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:01 UTC1079OUTPOST /cdn-cgi/challenge-platform/h/g/jsd/r/8bc1ea757ae2437f HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        Content-Length: 15810
        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
        sec-ch-ua-platform: "Windows"
        sec-ch-ua-mobile: ?0
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Content-Type: application/json
        Accept: */*
        Origin: https://mychaseexclusive.ru
        Sec-Fetch-Site: same-origin
        Sec-Fetch-Mode: cors
        Sec-Fetch-Dest: empty
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        2024-09-01 02:44:01 UTC15810OUTData Raw: 7b 22 77 70 22 3a 22 75 79 24 70 66 4f 6c 6e 66 65 24 66 59 6b 4d 6c 41 6c 43 6a 32 70 4f 55 6a 31 38 6a 2b 36 2b 46 46 4f 6e 6c 61 42 6a 67 64 55 77 64 63 24 6a 53 67 2d 56 4d 64 65 6c 45 6a 59 41 24 49 37 79 79 6a 31 73 46 6a 78 6a 46 55 46 24 6c 6a 50 46 6c 68 4d 44 70 73 65 79 39 54 4c 70 67 64 52 79 38 31 51 45 43 6b 49 5a 70 68 52 66 58 38 4a 6c 51 42 67 73 2b 6a 66 24 24 30 2b 53 4f 39 37 6a 62 49 37 63 6f 39 6a 6f 70 6b 53 6a 4f 58 24 6a 2b 70 4f 4f 70 52 59 70 2b 6a 6c 64 6a 32 65 57 6a 6c 4a 39 6a 47 76 6e 31 49 79 2d 6c 31 73 37 24 6a 4f 76 39 6a 4f 4d 56 32 6a 56 4f 6a 6c 39 50 63 69 24 4c 45 38 55 4f 49 4f 6c 6f 68 38 79 42 66 52 4e 72 6f 67 6a 36 70 4f 2b 74 35 79 6a 6e 57 79 64 6b 63 67 4b 50 49 6a 56 72 6f 73 52 36 31 70 6a 69 73 36 63 2b
        Data Ascii: {"wp":"uy$pfOlnfe$fYkMlAlCj2pOUj18j+6+FFOnlaBjgdUwdc$jSg-VMdelEjYA$I7yyj1sFjxjFUF$ljPFlhMDpsey9TLpgdRy81QECkIZphRfX8JlQBgs+jf$$0+SO97jbI7co9jopkSjOX$j+pOOpRYp+jldj2eWjlJ9jGvn1Iy-l1s7$jOv9jOMV2jVOjl9Pci$LE8UOIOloh8yBfRNrogj6pO+t5yjnWydkcgKPIjVrosR61pjis6c+
        2024-09-01 02:44:01 UTC1270INHTTP/1.1 200 OK
        Date: Sun, 01 Sep 2024 02:44:01 GMT
        Content-Type: text/plain; charset=UTF-8
        Content-Length: 0
        Connection: close
        Set-Cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.mychaseexclusive.ru; HttpOnly; Secure; SameSite=None
        Set-Cookie: cf_clearance=clhL_HhjUCkulQpg2TJRDTKgYzawzygugdgcdxwmjDc-1725158641-1.2.1.1-HOmuDQWC7fh2BSCR8LOnj7I7idWSinFk7Um3Ne6aaJba3FcN5j8lNVUSEE695Hx582FJ9hDscpFm.8okyQKAEh9TJQAi6jnEuIX7SUgCH_PmOFXbANKwUPUVJvJGPjofJFM_9HSDPuwWmBU3.stl6W7vdJrsdG2pHLKjaUexOftC5sszMa4uRgJSrUNB26wNTTJG8Jv5ZJSOUP4pOXWMmryHGB5_8a38snq2e2aayDyx8O8jrHUIyfWwg_y5.hehsVp8JhooY1SPUf.fKVR9S3nGVIIewfMUlwHkwAbqVngYq9JnTnLbm3GbNlA9kEg72wImNwDGlMqhox1BuB23ocz4CAbG4xSDSQBgqjju813aK2QgZy29aVt5ed7LyhoS; Path=/; Expires=Mon, 01-Sep-25 02:44:01 GMT; Domain=.mychaseexclusive.ru; HttpOnly; Secure; SameSite=None; Partitioned
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djJrvePd8r7oVHtHu1BxLd8sicQwrlAty71sbKn%2BphizP4HNgMCmZ2jg0I3m31XzUZQ4g9Rwcl89lXffR8YmrZqm9Gm8rDjRNvdM2zf99NzKbmTvTZndPL1ZRT%2Fj0BCpFyGn%2BlHQ"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea8638600f9f-EWR
        alt-svc: h3=":443"; ma=86400


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        8192.168.2.449750104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:01 UTC860OUTGET /cdn-cgi/challenge-platform/h/g/scripts/jsd/e7cf9275f425/main.js? HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: */*
        Sec-Fetch-Site: none
        Sec-Fetch-Mode: cors
        Sec-Fetch-Dest: empty
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        2024-09-01 02:44:02 UTC682INHTTP/1.1 200 OK
        Date: Sun, 01 Sep 2024 02:44:02 GMT
        Content-Type: application/javascript; charset=UTF-8
        Content-Length: 7842
        Connection: close
        cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
        x-content-type-options: nosniff
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWo5CAvAqnYNh1bAOGxlDTTdLtUGBM4pCiTSGwQpaP4RJTFbb%2BB0tLvk%2Bwfp4NTBd8IM22pIUPLT2a4JmnedE%2FNY8aRoYE0cuUS2DKHyNef7tQICquvOKGE05X0aW2H%2FHEpK0BAA"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea888e118c0c-EWR
        alt-svc: h3=":443"; ma=86400
        2024-09-01 02:44:02 UTC687INData Raw: 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 3d 7b 63 46 50 57 76 3a 27 67 27 7d 3b 7e 66 75 6e 63 74 69 6f 6e 28 56 2c 67 2c 68 2c 6d 2c 6e 2c 78 2c 79 2c 41 29 7b 56 3d 62 2c 66 75 6e 63 74 69 6f 6e 28 63 2c 65 2c 55 2c 66 2c 43 29 7b 66 6f 72 28 55 3d 62 2c 66 3d 63 28 29 3b 21 21 5b 5d 3b 29 74 72 79 7b 69 66 28 43 3d 2d 70 61 72 73 65 49 6e 74 28 55 28 32 35 33 29 29 2f 31 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 33 30 33 29 29 2f 32 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 33 31 37 29 29 2f 33 2a 28 2d 70 61 72 73 65 49 6e 74 28 55 28 32 39 38 29 29 2f 34 29 2b 70 61 72 73 65 49 6e 74 28 55 28 33 30 34 29 29 2f 35 2a 28 70 61 72 73 65 49 6e 74 28 55 28 32 39 35 29 29 2f 36 29 2b 2d 70 61 72 73 65 49 6e 74 28 55 28 33 32 30 29 29 2f 37 2a 28 70
        Data Ascii: window._cf_chl_opt={cFPWv:'g'};~function(V,g,h,m,n,x,y,A){V=b,function(c,e,U,f,C){for(U=b,f=c();!![];)try{if(C=-parseInt(U(253))/1+-parseInt(U(303))/2+-parseInt(U(317))/3*(-parseInt(U(298))/4)+parseInt(U(304))/5*(parseInt(U(295))/6)+-parseInt(U(320))/7*(p
        2024-09-01 02:44:02 UTC1369INData Raw: 28 33 30 31 29 5d 5b 61 34 28 32 38 32 29 5d 26 26 43 5b 61 34 28 32 37 31 29 5d 3f 43 5b 61 34 28 33 30 31 29 5d 5b 61 34 28 32 38 32 29 5d 28 6e 65 77 20 43 5b 28 61 34 28 32 37 31 29 29 5d 28 48 29 29 3a 66 75 6e 63 74 69 6f 6e 28 4e 2c 61 35 2c 4f 29 7b 66 6f 72 28 61 35 3d 61 34 2c 4e 5b 61 35 28 32 33 38 29 5d 28 29 2c 4f 3d 30 3b 4f 3c 4e 5b 61 35 28 32 36 30 29 5d 3b 4e 5b 4f 2b 31 5d 3d 3d 3d 4e 5b 4f 5d 3f 4e 5b 61 35 28 33 31 38 29 5d 28 4f 2b 31 2c 31 29 3a 4f 2b 3d 31 29 3b 72 65 74 75 72 6e 20 4e 7d 28 48 29 2c 49 3d 27 6e 41 73 41 61 41 62 27 2e 73 70 6c 69 74 28 27 41 27 29 2c 49 3d 49 5b 61 34 28 32 37 32 29 5d 5b 61 34 28 33 31 31 29 5d 28 49 29 2c 4a 3d 30 3b 4a 3c 48 5b 61 34 28 32 36 30 29 5d 3b 4b 3d 48 5b 4a 5d 2c 4c 3d 73 28 43 2c
        Data Ascii: (301)][a4(282)]&&C[a4(271)]?C[a4(301)][a4(282)](new C[(a4(271))](H)):function(N,a5,O){for(a5=a4,N[a5(238)](),O=0;O<N[a5(260)];N[O+1]===N[O]?N[a5(318)](O+1,1):O+=1);return N}(H),I='nAsAaAb'.split('A'),I=I[a4(272)][a4(311)](I),J=0;J<H[a4(260)];K=H[J],L=s(C,
        2024-09-01 02:44:02 UTC1369INData Raw: 37 2c 45 2d 31 3d 3d 50 3f 28 50 3d 30 2c 4e 5b 61 61 28 32 37 37 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3e 3e 3d 31 2c 47 2b 2b 29 3b 7d 65 6c 73 65 7b 66 6f 72 28 54 3d 31 2c 47 3d 30 3b 47 3c 4d 3b 4f 3d 4f 3c 3c 31 7c 54 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 61 61 28 32 37 37 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3d 30 2c 47 2b 2b 29 3b 66 6f 72 28 54 3d 4a 5b 61 61 28 32 34 36 29 5d 28 30 29 2c 47 3d 30 3b 31 36 3e 47 3b 4f 3d 4f 3c 3c 31 7c 54 26 31 2c 50 3d 3d 45 2d 31 3f 28 50 3d 30 2c 4e 5b 61 61 28 32 37 37 29 5d 28 46 28 4f 29 29 2c 4f 3d 30 29 3a 50 2b 2b 2c 54 3e 3e 3d 31 2c 47 2b 2b 29 3b 7d 4b 2d 2d 2c 4b 3d 3d 30 26 26 28 4b 3d 4d 61 74 68 5b 61 61 28 32 36 37 29 5d 28 32 2c 4d 29 2c 4d 2b 2b 29
        Data Ascii: 7,E-1==P?(P=0,N[aa(277)](F(O)),O=0):P++,T>>=1,G++);}else{for(T=1,G=0;G<M;O=O<<1|T,P==E-1?(P=0,N[aa(277)](F(O)),O=0):P++,T=0,G++);for(T=J[aa(246)](0),G=0;16>G;O=O<<1|T&1,P==E-1?(P=0,N[aa(277)](F(O)),O=0):P++,T>>=1,G++);}K--,K==0&&(K=Math[aa(267)](2,M),M++)
        2024-09-01 02:44:02 UTC1369INData Raw: 52 3d 4d 61 74 68 5b 61 64 28 32 36 37 29 5d 28 32 2c 32 29 2c 4d 3d 31 3b 52 21 3d 4d 3b 53 3d 4f 26 4e 2c 4f 3e 3e 3d 31 2c 4f 3d 3d 30 26 26 28 4f 3d 45 2c 4e 3d 46 28 50 2b 2b 29 29 2c 51 7c 3d 4d 2a 28 30 3c 53 3f 31 3a 30 29 2c 4d 3c 3c 3d 31 29 3b 73 77 69 74 63 68 28 51 29 7b 63 61 73 65 20 30 3a 66 6f 72 28 51 3d 30 2c 52 3d 4d 61 74 68 5b 61 64 28 32 36 37 29 5d 28 32 2c 38 29 2c 4d 3d 31 3b 52 21 3d 4d 3b 53 3d 4e 26 4f 2c 4f 3e 3e 3d 31 2c 4f 3d 3d 30 26 26 28 4f 3d 45 2c 4e 3d 46 28 50 2b 2b 29 29 2c 51 7c 3d 28 30 3c 53 3f 31 3a 30 29 2a 4d 2c 4d 3c 3c 3d 31 29 3b 54 3d 65 28 51 29 3b 62 72 65 61 6b 3b 63 61 73 65 20 31 3a 66 6f 72 28 51 3d 30 2c 52 3d 4d 61 74 68 5b 61 64 28 32 36 37 29 5d 28 32 2c 31 36 29 2c 4d 3d 31 3b 4d 21 3d 52 3b 53
        Data Ascii: R=Math[ad(267)](2,2),M=1;R!=M;S=O&N,O>>=1,O==0&&(O=E,N=F(P++)),Q|=M*(0<S?1:0),M<<=1);switch(Q){case 0:for(Q=0,R=Math[ad(267)](2,8),M=1;R!=M;S=N&O,O>>=1,O==0&&(O=E,N=F(P++)),Q|=(0<S?1:0)*M,M<<=1);T=e(Q);break;case 1:for(Q=0,R=Math[ad(267)](2,16),M=1;M!=R;S
        2024-09-01 02:44:02 UTC1369INData Raw: 29 5d 28 49 29 29 5b 5a 28 32 37 34 29 5d 28 27 2b 27 2c 5a 28 32 34 33 29 29 2c 47 5b 5a 28 32 37 36 29 5d 28 27 76 5f 27 2b 45 2e 72 2b 27 3d 27 2b 4a 29 7d 63 61 74 63 68 28 4b 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 61 28 61 68 29 7b 72 65 74 75 72 6e 20 61 68 3d 27 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 2c 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 2c 63 6f 6e 74 65 6e 74 44 6f 63 75 6d 65 6e 74 2c 6c 6f 61 64 69 6e 67 2c 6b 65 79 73 2c 74 61 62 49 6e 64 65 78 2c 43 6f 6e 74 65 6e 74 2d 54 79 70 65 2c 73 6f 72 74 2c 66 75 6e 63 74 69 6f 6e 2c 5f 5f 43 46 24 63 76 24 70 61 72 61 6d 73 2c 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2c 73 79 6d 62 6f 6c 2c 25 32 62 2c 70 72 6f 74 6f 74 79 70 65 2c 2f 62 65 61 63 6f 6e 2f 6f 76 2c 63 68 61 72 43
        Data Ascii: )](I))[Z(274)]('+',Z(243)),G[Z(276)]('v_'+E.r+'='+J)}catch(K){}}function a(ah){return ah='display: none,onreadystatechange,contentDocument,loading,keys,tabIndex,Content-Type,sort,function,__CF$cv$params,hasOwnProperty,symbol,%2b,prototype,/beacon/ov,charC
        2024-09-01 02:44:02 UTC1369INData Raw: 65 6e 74 57 69 6e 64 6f 77 2c 6d 61 70 2c 6e 6f 77 2c 72 65 61 64 79 53 74 61 74 65 2c 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 2c 6f 70 65 6e 2c 5f 63 66 5f 63 68 6c 5f 6f 70 74 27 2e 73 70 6c 69 74 28 27 2c 27 29 2c 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 68 7d 2c 61 28 29 7d 66 75 6e 63 74 69 6f 6e 20 7a 28 61 37 2c 43 2c 44 2c 45 2c 46 2c 47 29 7b 61 37 3d 56 3b 74 72 79 7b 72 65 74 75 72 6e 20 43 3d 68 5b 61 37 28 32 36 34 29 5d 28 61 37 28 33 31 30 29 29 2c 43 5b 61 37 28 32 36 33 29 5d 3d 61 37 28 33 33 36 29 2c 43 5b 61 37 28 32 33 36 29 5d 3d 27 2d 31 27 2c 68 5b 61 37 28 33 30 36 29 5d 5b 61 37 28 32 35 38 29 5d 28 43 29 2c 44 3d 43 5b 61 37 28 33 32 39 29 5d 2c 45 3d 7b 7d 2c 45 3d 77 62 4a 4c 37 28 44 2c 44 2c 27
        Data Ascii: entWindow,map,now,readyState,addEventListener,open,_cf_chl_opt'.split(','),a=function(){return ah},a()}function z(a7,C,D,E,F,G){a7=V;try{return C=h[a7(264)](a7(310)),C[a7(263)]=a7(336),C[a7(236)]='-1',h[a7(306)][a7(258)](C),D=C[a7(329)],E={},E=wbJL7(D,D,'
        2024-09-01 02:44:02 UTC310INData Raw: 36 29 5d 28 63 29 29 3b 72 65 74 75 72 6e 20 65 7d 66 75 6e 63 74 69 6f 6e 20 73 28 65 2c 43 2c 44 2c 61 31 2c 45 29 7b 61 31 3d 56 3b 74 72 79 7b 72 65 74 75 72 6e 20 43 5b 44 5d 5b 61 31 28 32 38 33 29 5d 28 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 29 2c 27 70 27 7d 63 61 74 63 68 28 46 29 7b 7d 74 72 79 7b 69 66 28 6e 75 6c 6c 3d 3d 43 5b 44 5d 29 72 65 74 75 72 6e 20 76 6f 69 64 20 30 3d 3d 3d 43 5b 44 5d 3f 27 75 27 3a 27 78 27 7d 63 61 74 63 68 28 47 29 7b 72 65 74 75 72 6e 27 69 27 7d 72 65 74 75 72 6e 20 65 5b 61 31 28 33 30 31 29 5d 5b 61 31 28 32 39 33 29 5d 28 43 5b 44 5d 29 3f 27 61 27 3a 43 5b 44 5d 3d 3d 3d 65 5b 61 31 28 33 30 31 29 5d 3f 27 71 30 27 3a 43 5b 44 5d 3d 3d 3d 21 30 3f 27 54 27 3a 21 31 3d 3d 3d 43 5b 44 5d 3f 27 46 27 3a 28 45 3d
        Data Ascii: 6)](c));return e}function s(e,C,D,a1,E){a1=V;try{return C[D][a1(283)](function(){}),'p'}catch(F){}try{if(null==C[D])return void 0===C[D]?'u':'x'}catch(G){return'i'}return e[a1(301)][a1(293)](C[D])?'a':C[D]===e[a1(301)]?'q0':C[D]===!0?'T':!1===C[D]?'F':(E=


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        9192.168.2.449749184.28.90.27443
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:02 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        User-Agent: Microsoft BITS/7.8
        Host: fs.microsoft.com
        2024-09-01 02:44:02 UTC467INHTTP/1.1 200 OK
        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
        Content-Type: application/octet-stream
        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
        Server: ECAcc (lpl/EF70)
        X-CID: 11
        X-Ms-ApiVersion: Distribute 1.2
        X-Ms-Region: prod-neu-z1
        Cache-Control: public, max-age=223298
        Date: Sun, 01 Sep 2024 02:44:02 GMT
        Connection: close
        X-CID: 2


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        10192.168.2.449751104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:03 UTC462OUTGET /favicon.ico HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
        Sec-Fetch-Site: cross-site
        Sec-Fetch-Mode: no-cors
        Sec-Fetch-Dest: image
        Referer: http://mychaseexclusive.ru/
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:44:03 UTC863INHTTP/1.1 404 Not Found
        Date: Sun, 01 Sep 2024 02:44:03 GMT
        Content-Type: text/html
        Transfer-Encoding: chunked
        Connection: close
        Vary: Accept-Encoding
        X-Content-Type-Options: nosniff
        X-Content-Type-Options: nosniff
        X-XSS-Protection: 1; mode=block
        X-XSS-Protection: 1; mode=block
        Cache-Control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
        Pragma: public
        CF-Cache-Status: HIT
        Age: 814140
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldypmoCwgyqJ%2FHVWxHY419f5RqLdMoOKP2p8kXZHnMnhfuFj%2FOvuriyxS9qDPyUNFh2b2nzi4DK2OwNMprh4v9ORGkD3Q7zY6FWCOJrDc%2FZTLX3cUbM%2Bpw4qaDYwSJRQ6xV8Cytz"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea920cd21921-EWR
        alt-svc: h3=":443"; ma=86400
        2024-09-01 02:44:03 UTC264INData Raw: 31 30 31 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 3c 2f 62 6f 64 79 3e
        Data Ascii: 101<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p></body>
        2024-09-01 02:44:03 UTC5INData Raw: 30 0d 0a 0d 0a
        Data Ascii: 0


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        11192.168.2.449752184.28.90.27443
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:03 UTC239OUTGET /fs/windows/config.json HTTP/1.1
        Connection: Keep-Alive
        Accept: */*
        Accept-Encoding: identity
        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
        Range: bytes=0-2147483646
        User-Agent: Microsoft BITS/7.8
        Host: fs.microsoft.com
        2024-09-01 02:44:04 UTC515INHTTP/1.1 200 OK
        ApiVersion: Distribute 1.1
        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
        Content-Type: application/octet-stream
        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
        Server: ECAcc (lpl/EF06)
        X-CID: 11
        X-Ms-ApiVersion: Distribute 1.2
        X-Ms-Region: prod-weu-z1
        Cache-Control: public, max-age=223296
        Date: Sun, 01 Sep 2024 02:44:04 GMT
        Content-Length: 55
        Connection: close
        X-CID: 2
        2024-09-01 02:44:04 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        12192.168.2.449753104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:04 UTC849OUTGET /cdn-cgi/challenge-platform/h/g/jsd/r/8bc1ea757ae2437f HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: */*
        Sec-Fetch-Site: none
        Sec-Fetch-Mode: cors
        Sec-Fetch-Dest: empty
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        2024-09-01 02:44:04 UTC532INHTTP/1.1 405 Method Not Allowed
        Date: Sun, 01 Sep 2024 02:44:04 GMT
        Content-Length: 0
        Connection: close
        allow: POST
        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdahbD%2FjwG7qm03aphoIs4bAVE42ANheSYBpOhJZMKaukDh3aC6hoM02nvcC%2BuyBuXzk4y3S74v8eiXUsc2dQUdpBPxBvlRWV7vGyVHTmSRB6C2HEyHwhORilGfKhKN9%2Bb%2BvRWup"}],"group":"cf-nel","max_age":604800}
        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
        Server: cloudflare
        CF-RAY: 8bc1ea965d88421b-EWR
        alt-svc: h3=":443"; ma=86400


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        13192.168.2.449754104.21.7.894431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:04 UTC842OUTGET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
        Host: mychaseexclusive.ru
        Connection: keep-alive
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept: */*
        Sec-Fetch-Site: none
        Sec-Fetch-Mode: cors
        Sec-Fetch-Dest: empty
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        Cookie: BjcNjmN0-Pwccipeh5u98tXumNg=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; vqvcV5FxXiC4lW3fXi-mk7Yniek=1725158636; rGQwSEOPwsEnpuR_hxDoi1LFJeM=1725245036; wEI2HLjHeHotR_BkdPbIlSz3B8Y=sMYomJlrBlmZzSyhoQA_hM4cdKE; NldLEC59kpxzgTjcuFdxCQh5s_s=_5wsorF3p1b651uGRwNr9-nLbuA; kXCmMa_0GiSRnNULyrGxWbTQpY0=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; gSaS8avy_wI_yiRmm2mEqhqzNfw=1725158639; Uk7aT3LVFyyC59E7GXZA4bh_PBs=1725245039; Ry9hFaaXTCPp9EgROrpabb_CLbY=Rt5BjAUrllMrhOMZaImIP9FoQhE
        2024-09-01 02:44:04 UTC409INHTTP/1.1 200 OK
        Date: Sun, 01 Sep 2024 02:44:04 GMT
        Content-Type: image/png
        Content-Length: 452
        Connection: close
        Last-Modified: Tue, 27 Aug 2024 19:10:22 GMT
        ETag: "66ce249e-1c4"
        Server: cloudflare
        CF-RAY: 8bc1ea988c042395-EWR
        X-Frame-Options: DENY
        X-Content-Type-Options: nosniff
        Expires: Sun, 01 Sep 2024 04:44:04 GMT
        Cache-Control: max-age=7200
        Cache-Control: public
        Accept-Ranges: bytes
        2024-09-01 02:44:04 UTC452INData Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 36 00 00 00 36 08 03 00 00 00 bb 9b 9a ef 00 00 00 33 50 4c 54 45 c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f c1 45 3f ab b2 22 ed 00 00 00 11 74 52 4e 53 00 40 30 10 60 8f bf ff ef 7f af 9f df 20 50 cf 70 60 82 c8 9b 00 00 01 2f 49 44 41 54 78 01 bd d3 05 d2 b4 30 10 06 e1 8e 6c de c1 36 dc ff b2 9f 2b 95 c9 12 7e 79 4a 91 46 22 b8 c2 8b c8 80 94 6f 45 1f ac 4c 81 33 f2 ac 03 5b 1e 95 69 32 b5 94 6e 98 57 79 4a c4 91 8a 7a 26 9a 82 a9 af a4 46 95 f5 d0 1a fb 95 c7 62 bf b2 f2 e9 70 7e e3 a7 a0 df ee 7c 3a 74 35 f1 6d b3 b3 99 66 70 af 69 f2 2f 65 ef c7 fa 99 25 de 25 1b c9 b4 f0 6e d2 50 a6 ed fb 65
        Data Ascii: PNGIHDR663PLTEE?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?E?"tRNS@0` Pp`/IDATx0l6+~yJF"oEL3[i2nWyJz&Fbp~|:t5mfpi/e%%nPe


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        14192.168.2.45692135.190.80.14431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:59 UTC544OUTOPTIONS /report/v4?s=mdahbD%2FjwG7qm03aphoIs4bAVE42ANheSYBpOhJZMKaukDh3aC6hoM02nvcC%2BuyBuXzk4y3S74v8eiXUsc2dQUdpBPxBvlRWV7vGyVHTmSRB6C2HEyHwhORilGfKhKN9%2Bb%2BvRWup HTTP/1.1
        Host: a.nel.cloudflare.com
        Connection: keep-alive
        Origin: https://mychaseexclusive.ru
        Access-Control-Request-Method: POST
        Access-Control-Request-Headers: content-type
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:44:59 UTC336INHTTP/1.1 200 OK
        Content-Length: 0
        access-control-max-age: 86400
        access-control-allow-methods: OPTIONS, POST
        access-control-allow-origin: *
        access-control-allow-headers: content-type, content-length
        date: Sun, 01 Sep 2024 02:44:59 GMT
        Via: 1.1 google
        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        Connection: close


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        15192.168.2.45692235.190.80.14431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:44:59 UTC544OUTOPTIONS /report/v4?s=ldypmoCwgyqJ%2FHVWxHY419f5RqLdMoOKP2p8kXZHnMnhfuFj%2FOvuriyxS9qDPyUNFh2b2nzi4DK2OwNMprh4v9ORGkD3Q7zY6FWCOJrDc%2FZTLX3cUbM%2Bpw4qaDYwSJRQ6xV8Cytz HTTP/1.1
        Host: a.nel.cloudflare.com
        Connection: keep-alive
        Origin: https://mychaseexclusive.ru
        Access-Control-Request-Method: POST
        Access-Control-Request-Headers: content-type
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:44:59 UTC336INHTTP/1.1 200 OK
        Content-Length: 0
        access-control-max-age: 86400
        access-control-allow-methods: OPTIONS, POST
        access-control-allow-origin: *
        access-control-allow-headers: content-length, content-type
        date: Sun, 01 Sep 2024 02:44:59 GMT
        Via: 1.1 google
        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        Connection: close


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        16192.168.2.45692335.190.80.14431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:45:00 UTC482OUTPOST /report/v4?s=mdahbD%2FjwG7qm03aphoIs4bAVE42ANheSYBpOhJZMKaukDh3aC6hoM02nvcC%2BuyBuXzk4y3S74v8eiXUsc2dQUdpBPxBvlRWV7vGyVHTmSRB6C2HEyHwhORilGfKhKN9%2Bb%2BvRWup HTTP/1.1
        Host: a.nel.cloudflare.com
        Connection: keep-alive
        Content-Length: 444
        Content-Type: application/reports+json
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:45:00 UTC444OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 35 30 36 33 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 36 32 37 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 37 2e 38 39 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 35 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 6d 79 63 68 61 73 65 65 78 63 6c 75 73 69
        Data Ascii: [{"age":55063,"body":{"elapsed_time":627,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"104.21.7.89","status_code":405,"type":"http.error"},"type":"network-error","url":"https://mychaseexclusi
        2024-09-01 02:45:00 UTC168INHTTP/1.1 200 OK
        Content-Length: 0
        date: Sun, 01 Sep 2024 02:45:00 GMT
        Via: 1.1 google
        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        Connection: close


        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
        17192.168.2.45692435.190.80.14431860C:\Program Files\Google\Chrome\Application\chrome.exe
        TimestampBytes transferredDirectionData
        2024-09-01 02:45:00 UTC482OUTPOST /report/v4?s=ldypmoCwgyqJ%2FHVWxHY419f5RqLdMoOKP2p8kXZHnMnhfuFj%2FOvuriyxS9qDPyUNFh2b2nzi4DK2OwNMprh4v9ORGkD3Q7zY6FWCOJrDc%2FZTLX3cUbM%2Bpw4qaDYwSJRQ6xV8Cytz HTTP/1.1
        Host: a.nel.cloudflare.com
        Connection: keep-alive
        Content-Length: 429
        Content-Type: application/reports+json
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
        Accept-Encoding: gzip, deflate, br
        Accept-Language: en-US,en;q=0.9
        2024-09-01 02:45:00 UTC429OUTData Raw: 5b 7b 22 61 67 65 22 3a 35 35 37 38 33 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 38 30 38 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 3a 2f 2f 6d 79 63 68 61 73 65 65 78 63 6c 75 73 69 76 65 2e 72 75 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 30 34 2e 32 31 2e 37 2e 38 39 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75
        Data Ascii: [{"age":55783,"body":{"elapsed_time":808,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"http://mychaseexclusive.ru/","sampling_fraction":1.0,"server_ip":"104.21.7.89","status_code":404,"type":"http.error"},"type":"network-error","u
        2024-09-01 02:45:00 UTC168INHTTP/1.1 200 OK
        Content-Length: 0
        date: Sun, 01 Sep 2024 02:45:00 GMT
        Via: 1.1 google
        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
        Connection: close


        Statistics

        CPU Usage

        Click to jump to process

        Memory Usage

        Click to jump to process

        Behavior

        Click to jump to process

        System Behavior

        General

        Target ID:0
        Start time:22:43:52
        Start date:31/08/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        General

        Target ID:2
        Start time:22:43:54
        Start date:31/08/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2036,i,9328697437574807042,17108672982110021698,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:false

        General

        Target ID:3
        Start time:22:43:57
        Start date:31/08/2024
        Path:C:\Program Files\Google\Chrome\Application\chrome.exe
        Wow64 process (32bit):false
        Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mychaseexclusive.ru/case?token"
        Imagebase:0x7ff76e190000
        File size:3'242'272 bytes
        MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
        Has elevated privileges:true
        Has administrator privileges:true
        Programmed in:C, C++ or other language
        Reputation:low
        Has exited:true

        Disassembly

        No disassembly