Overview

overview

3

Static

static

3

08418cc53d...18.dll

windows7-x64

3

08418cc53d...18.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2024, 01:29 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08418cc53d47b626a734682e4bbfd0ff_JaffaCakes118.dll

  • Size

    806KB

  • MD5

    08418cc53d47b626a734682e4bbfd0ff

  • SHA1

    935e01fa9e0bd9a1424ae247b49186167419bcf8

  • SHA256

    b0983d178464f52c2730063987702bf9369b3bb610526a9aaca318ddba9caeab

  • SHA512

    1ba1c6c9778876354fd293ddaf6ee6c88ddced6aaf834b4a82d04f24fe9dc2b3dff8dc08a4b41450512b2c27db3696d09d8cdae92f47e79297541c2d81890eb1

  • SSDEEP

    12288:gSMQqb9x5ieJ1l2ZW/97ErvbqW6bOzV5aIA2ubMPt0igmJPqhGJi+m:zXW5FrlihvqNwz2o0inS

Score
3/10
discovery

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Program crash 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\08418cc53d47b626a734682e4bbfd0ff_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3524
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\08418cc53d47b626a734682e4bbfd0ff_JaffaCakes118.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4508
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.webcheats.com.br/forum/
        3⤵
        • Enumerates system info in registry
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of WriteProcessMemory
        PID:4592
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xb4,0x108,0x7ffab4c846f8,0x7ffab4c84708,0x7ffab4c84718
          4⤵
            PID:4976
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2192 /prefetch:2
            4⤵
              PID:4068
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
              4⤵
              • Suspicious behavior: EnumeratesProcesses
              PID:1044
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2728 /prefetch:8
              4⤵
                PID:4084
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
                4⤵
                  PID:1452
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
                  4⤵
                    PID:3144
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
                    4⤵
                      PID:2760
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3692 /prefetch:1
                      4⤵
                        PID:2064
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3220 /prefetch:1
                        4⤵
                          PID:2348
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
                          4⤵
                            PID:3056
                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
                            4⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:4700
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
                            4⤵
                              PID:3268
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
                              4⤵
                                PID:4768
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5348 /prefetch:1
                                4⤵
                                  PID:1792
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
                                  4⤵
                                    PID:3048
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3076 /prefetch:2
                                    4⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:996
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,16819064345167541830,1792061539684380174,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
                                    4⤵
                                      PID:1268
                                  • C:\Windows\SysWOW64\WerFault.exe
                                    C:\Windows\SysWOW64\WerFault.exe -u -p 4508 -s 580
                                    3⤵
                                    • Program crash
                                    PID:4204
                                  • C:\Windows\SysWOW64\WerFault.exe
                                    C:\Windows\SysWOW64\WerFault.exe -u -p 4508 -s 952
                                    3⤵
                                    • Program crash
                                    PID:3040
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:2212
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:3284
                                  • C:\Windows\SysWOW64\WerFault.exe
                                    C:\Windows\SysWOW64\WerFault.exe -pss -s 424 -p 4508 -ip 4508
                                    1⤵
                                      PID:4088
                                    • C:\Windows\SysWOW64\WerFault.exe
                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 4508 -ip 4508
                                      1⤵
                                        PID:3076

                                      Network

                                      • flag-us
                                        DNS
                                        www.webcheats.com.br
                                        msedge.exe
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        www.webcheats.com.br
                                        IN A
                                        Response
                                        www.webcheats.com.br
                                        IN A
                                        104.21.233.140
                                        www.webcheats.com.br
                                        IN A
                                        104.21.233.139
                                      • flag-us
                                        DNS
                                        www.webcheats.com.br
                                        msedge.exe
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        www.webcheats.com.br
                                        IN A
                                      • flag-us
                                        DNS
                                        104.219.191.52.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        104.219.191.52.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        68.32.126.40.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        68.32.126.40.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        95.221.229.192.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        95.221.229.192.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        GET
                                        http://www.webcheats.com.br/forum/
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:80
                                        Request
                                        GET /forum/ HTTP/1.1
                                        Host: www.webcheats.com.br
                                        Connection: keep-alive
                                        DNT: 1
                                        Upgrade-Insecure-Requests: 1
                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                        Accept-Encoding: gzip, deflate
                                        Accept-Language: en-US,en;q=0.9
                                        Response
                                        HTTP/1.1 301 Moved Permanently
                                        Date: Wed, 02 Oct 2024 01:29:09 GMT
                                        Content-Type: text/html
                                        Content-Length: 167
                                        Connection: keep-alive
                                        Cache-Control: max-age=3600
                                        Expires: Wed, 02 Oct 2024 02:29:09 GMT
                                        Location: https://www.webcheats.com.br/forum/
                                        Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prxFsyWgzo7L8ThmwCNM%2BX51RklpjJ0vwjVn1vtzMLNr%2BzuoP7a8EfvuqXIJe27VILCaJdy5sGYOa9EdS2ZAYYf0c%2BnzHbtGDtipZTWm1K9xhirLduIc4CLbpNvFHvAIUXsk0xNt3g%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        Vary: Accept-Encoding
                                        Speculation-Rules: "/cdn-cgi/speculation"
                                        Server: cloudflare
                                        CF-RAY: 8cc0eb77ab8619ad-FRA
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/forum/
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /forum/ HTTP/2.0
                                        host: www.webcheats.com.br
                                        dnt: 1
                                        upgrade-insecure-requests: 1
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                        sec-fetch-site: none
                                        sec-fetch-mode: navigate
                                        sec-fetch-user: ?1
                                        sec-fetch-dest: document
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        sec-ch-ua-mobile: ?0
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 403
                                        date: Wed, 02 Oct 2024 01:29:09 GMT
                                        content-type: text/html; charset=UTF-8
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-embedder-policy: require-corp
                                        cross-origin-opener-policy: same-origin
                                        cross-origin-resource-policy: same-origin
                                        origin-agent-cluster: ?1
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        referrer-policy: same-origin
                                        x-content-options: nosniff
                                        x-frame-options: SAMEORIGIN
                                        cf-mitigated: challenge
                                        cf-chl-out: GOdLUqHsJKbjoWwWoRsVure8BXhqUqoj87WGosABT/DI5cWtCbriF4OW3UtCa8xPTUAvUaXlH+KUuc14CCbHKNSypEYyb9QKTyM9AhRH5K0iXDn5o43QdvQNufPryaFxr2tCLwoZRDvmsQ2E0LVUbg==$KoguEMupc/hhnXMbKGnu9A==
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        expires: Thu, 01 Jan 1970 00:00:01 GMT
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiMZuo62mlJTWZOYbD0hqLV8yrfcQDf6aSTDRzIFcPosPUi9qK7XcDI5dlASOIUO%2BdS780v1vMY4Zkcb9kVDk4ONu9kSVr3b%2FlJmmyRbo7PRvgpWQO1bA2KlaIPZpeAKE2lhb4SFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        vary: Accept-Encoding
                                        speculation-rules: "/cdn-cgi/speculation"
                                        server: cloudflare
                                        cf-ray: 8cc0eb78ee0d35ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cc0eb78ee0d35ea
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cc0eb78ee0d35ea HTTP/2.0
                                        host: www.webcheats.com.br
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        sec-ch-ua-model:
                                        sec-ch-ua-platform: "Windows"
                                        accept: */*
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: script
                                        referer: https://www.webcheats.com.br/forum/?__cf_chl_rt_tk=_GeDqgi0_VXkixwbMhfAmtzdeHuX3D8NMq.PQrF1E3I-1727832549-0.0.1.1-5183
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:09 GMT
                                        content-type: application/javascript; charset=UTF-8
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9%2FFWA1R0zZ2dLNtV9pIq51BFNNWTPw3H4am2EXBTcehnWGnh96WP8UuOlM2q%2B9V2MVdOiiIl0gePUN1pcssfzw3Ilzh8yNPbI63rPsXEfPK6%2BSe8bakyqvjf2czUvcXTHeyQu9Tng%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        server: cloudflare
                                        cf-ray: 8cc0eb79be5e35ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/favicon.ico
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /favicon.ico HTTP/2.0
                                        host: www.webcheats.com.br
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        sec-ch-ua-model:
                                        sec-ch-ua-platform: "Windows"
                                        accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: image
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 403
                                        date: Wed, 02 Oct 2024 01:29:09 GMT
                                        content-type: text/html; charset=UTF-8
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-embedder-policy: require-corp
                                        cross-origin-opener-policy: same-origin
                                        cross-origin-resource-policy: same-origin
                                        origin-agent-cluster: ?1
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        referrer-policy: same-origin
                                        x-content-options: nosniff
                                        x-frame-options: SAMEORIGIN
                                        cf-mitigated: challenge
                                        cf-chl-out: AMpgq4npq5bX79ZmpDeOF3QFAd//hNuwWgY02M+ygJLBq/+5AiC4VxMIfWeif8x+w1l6gGjUQYM2HnCGCH6o5uvqbvLJbhRQvHYTMgbC/jJZYyg/OzNePbFLmTJjvqmTE0qMpUQJDtR0fdSRJfo9sA==$VDSxxJvCeUx5iT3k5pVhkQ==
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        expires: Thu, 01 Jan 1970 00:00:01 GMT
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVwvDkFI4k%2BD%2Bgc7xQ5Vk8CIaTzl5q5jNaJawifgORIqwSyQFmpNZv5wf3IisX3KNW1lYS102fsn1JYJhD00VgSPP8TLs6bbiC6P%2BnTW2cT6IT23gnZ65qsJm%2Bn%2F8KnSEeObHbCsoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        vary: Accept-Encoding
                                        speculation-rules: "/cdn-cgi/speculation"
                                        server: cloudflare
                                        cf-ray: 8cc0eb7b6f1235ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/favicon.ico
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /favicon.ico HTTP/2.0
                                        host: www.webcheats.com.br
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        sec-ch-ua-model:
                                        sec-ch-ua-platform: "Windows"
                                        accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: image
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 403
                                        date: Wed, 02 Oct 2024 01:29:09 GMT
                                        content-type: text/html; charset=UTF-8
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-embedder-policy: require-corp
                                        cross-origin-opener-policy: same-origin
                                        cross-origin-resource-policy: same-origin
                                        origin-agent-cluster: ?1
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        referrer-policy: same-origin
                                        x-content-options: nosniff
                                        x-frame-options: SAMEORIGIN
                                        cf-mitigated: challenge
                                        cf-chl-out: fH8azwrnrH1d9YICsy9egO5YcQEmcrEhJgKC4sEbFSnDcYYpjtc/Y2LVzn0kM9PCaGpuG8ZvR4V203aJPFVWxeD8YVhIGX/QhmwgK+moHYUORSQbNSCPiUD4Kabwg5UQAeFUpEz24+qhpMM0J1irbA==$gjASkyL2dMPD2nnOsuGrjA==
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        expires: Thu, 01 Jan 1970 00:00:01 GMT
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2Bp%2FR%2FG%2FnQLRMTls2sakNZ1Ee1oVeAlydoAYT0dYWiMBG3OVD0VvCq09mEKANnhtGUWXXWpR%2Bp6X%2F%2FhAE28KWAp0AFFRLhrm%2BETKPhE%2FdCxGWHtLJKXdVOzJJ0K2obmykvDXIZQwbg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        vary: Accept-Encoding
                                        speculation-rules: "/cdn-cgi/speculation"
                                        server: cloudflare
                                        cf-ray: 8cc0eb7bdf3935ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        POST
                                        https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/948415362:1727828881:2g3a0u8RXE76oWU6zm62O9g7O2fgpUZjCdp3DY_BCI8/8cc0eb78ee0d35ea/31aaad730fdd467
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        POST /cdn-cgi/challenge-platform/h/g/flow/ov1/948415362:1727828881:2g3a0u8RXE76oWU6zm62O9g7O2fgpUZjCdp3DY_BCI8/8cc0eb78ee0d35ea/31aaad730fdd467 HTTP/2.0
                                        host: www.webcheats.com.br
                                        content-length: 2028
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        content-type: application/x-www-form-urlencoded
                                        sec-ch-ua-model:
                                        cf-challenge: 31aaad730fdd467
                                        sec-ch-ua-platform: "Windows"
                                        accept: */*
                                        origin: https://www.webcheats.com.br
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:09 GMT
                                        content-type: text/plain; charset=UTF-8
                                        cf-chl-gen: W6QOd5wAMjZQQI5WGWXpNy6kKhCAN0eYy5CyueHVoLMs+O2zm1NwoBObmHbLH4tlRIixmHmBIQ==$sCN5BNAAocoHZSkE
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0U%2B05dSNReFJnLQOdpKYVQZ0QU61Z%2B80Ww1EuakEnLMJkMJSZIzvW0smd%2FgezScwq1N8MRl%2BuHr1G3b0cUAerOcxW894oreQ87As60yoLRPG9Yy5OgVfWftmBsXrS%2BLkfm0SGxUIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        server: cloudflare
                                        cf-ray: 8cc0eb7c0f5035ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        POST
                                        https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/948415362:1727828881:2g3a0u8RXE76oWU6zm62O9g7O2fgpUZjCdp3DY_BCI8/8cc0eb78ee0d35ea/31aaad730fdd467
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        POST /cdn-cgi/challenge-platform/h/g/flow/ov1/948415362:1727828881:2g3a0u8RXE76oWU6zm62O9g7O2fgpUZjCdp3DY_BCI8/8cc0eb78ee0d35ea/31aaad730fdd467 HTTP/2.0
                                        host: www.webcheats.com.br
                                        content-length: 2777
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        content-type: application/x-www-form-urlencoded
                                        sec-ch-ua-model:
                                        cf-challenge: 31aaad730fdd467
                                        sec-ch-ua-platform: "Windows"
                                        accept: */*
                                        origin: https://www.webcheats.com.br
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:12 GMT
                                        content-type: text/html; charset=UTF-8
                                        cf-chl-out-s: kT1K6EtE6LU0jb0yG433lsfVZm+P0RaE1hjXakpR6sS5lpi60zjSN/bIPMW0nXvNd0jj9hh+1EFjQBI8BnE8diawNtiMKs4ukjn9Jj1OyxKLRMtdMQTgbsZU/LS/xFsHMDsN1j7YQfjRniMH5OUWlHcAE8wqJzR3SziFVggQAHWQaMG57pwCgqX4XOQwKwYKScAvxII3LdGNKm7rDmhHoJXh9HQP8irk5ZdyvpjauXO9hwuVkTlwX+2dRwHO7R9u3bZ62pkAeDSEmkHeZXpymyWcE6fPcz0QJvNqyzJwsNdrM1ARLFxNReb+77krt0/2JmPImDxmxUI0tC45GZUJPCBe/CtTFBoIBwV1Dn63DiiLGzUXz6iy60fB7cfZPC3owXEXMzY8sGUOMWtB5LffUeXLFhaXPPO7WGrVJy6HG8tg7/N5RYvFjGdrrYsWI9X8ovWjtFaFgXMMmkVkqDdtRI+fYs1cT2134DReeKfz+vtyu8g/f+JhOsnuTQi/odz23L6cq0E2C+EdoMo=$fEIRYSl40V01sANU
                                        cf-chl-out: svf7ES8OJs9+JEzaTcxdELA6jVeHPIhmDTOBSTb8FfMIBAdRlJ4X7kyqyacIoTZLPZGMj+k2PYZj/E5Z3TVbBgxbDO+pAq1F5VrVnhPt9uBVG117cyZb2A==$Gx1LaSjspCesy1bE
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yxl1b%2BHU1MtYI9aO4xM3jJLrJjLtoGn%2FOdM8txHZ5yXXWX4zmIgX%2BmkgcBoW8nxlVAdeToArBQETqsJJ6o%2Be%2FMTulGVLUK8q7Jw%2F3aaAOLn%2BFFZ4DjFS2BDCaHtt5k6zavb76hdZaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        server: cloudflare
                                        cf-ray: 8cc0ee790ff735ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/forum/
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /forum/ HTTP/2.0
                                        host: www.webcheats.com.br
                                        cache-control: max-age=0
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        sec-ch-ua-mobile: ?0
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-platform: "Windows"
                                        sec-ch-ua-platform-version: "10.0"
                                        sec-ch-ua-model: ""
                                        upgrade-insecure-requests: 1
                                        dnt: 1
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: navigate
                                        sec-fetch-dest: document
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        cookie: cf_chl_rc_m=1
                                        Response
                                        HTTP/2.0 403
                                        date: Wed, 02 Oct 2024 01:31:14 GMT
                                        content-type: text/html; charset=UTF-8
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-embedder-policy: require-corp
                                        cross-origin-opener-policy: same-origin
                                        cross-origin-resource-policy: same-origin
                                        origin-agent-cluster: ?1
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        referrer-policy: same-origin
                                        x-content-options: nosniff
                                        x-frame-options: SAMEORIGIN
                                        cf-mitigated: challenge
                                        cf-chl-out: 4UD35MbsiGtcUKchq6wBWtqrkNVwqKVhLqjLTGC/IOQSvStgQt8yc6NbsztHDu0VI4Td4vw24WXlKZ51HoN9ls4X1oJKI2IvPGiHKdIEJuniBlFV2q/aEVHWpi/ZQBX3xN16bnULgCkJccLrzrgLyA==$oihVUzoZVFintI56aRJhQg==
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        expires: Thu, 01 Jan 1970 00:00:01 GMT
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVq2yDG%2FwPTDDOQMGfgrAu8aACUFa0QvBwYTR%2Fq3L6ekW0GS82GGAGz%2F6AdJrnlVeIsGzmIyDJNLVdEkYXIQ17sxAuJ2ABGwnpvtI8PxuMfvCxNA4WItsMnKGQSLEDFNu8BTm6CwjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        vary: Accept-Encoding
                                        speculation-rules: "/cdn-cgi/speculation"
                                        server: cloudflare
                                        cf-ray: 8cc0ee881e1235ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cc0ee881e1235ea
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cc0ee881e1235ea HTTP/2.0
                                        host: www.webcheats.com.br
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        sec-ch-ua-model:
                                        sec-ch-ua-platform: "Windows"
                                        accept: */*
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: script
                                        referer: https://www.webcheats.com.br/forum/?__cf_chl_rt_tk=jAI_iDDSiFVdQulRhcO1hBpNs_qvKpkUG0HzmYXNlXg-1727832674-0.0.1.1-4948
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        cookie: cf_chl_rc_m=1
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:14 GMT
                                        content-type: application/javascript; charset=UTF-8
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhtohzR9nEDo%2BkThesNIoVUdYvx0tb%2FmdgffqrpYhwBCtExDe63QWEZv5k8P9KwbK968Uf84Z9AvZ1wPC4V7YB0G90hkTwf4nv67QqCGKgOlqfZoLIDs0IrtVguziuB1p%2BaBt9AXCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        server: cloudflare
                                        cf-ray: 8cc0ee889e4d35ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/favicon.ico
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /favicon.ico HTTP/2.0
                                        host: www.webcheats.com.br
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        sec-ch-ua-model:
                                        sec-ch-ua-platform: "Windows"
                                        accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: image
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        cookie: cf_chl_rc_m=1
                                        Response
                                        HTTP/2.0 403
                                        date: Wed, 02 Oct 2024 01:31:14 GMT
                                        content-type: text/html; charset=UTF-8
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-embedder-policy: require-corp
                                        cross-origin-opener-policy: same-origin
                                        cross-origin-resource-policy: same-origin
                                        origin-agent-cluster: ?1
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        referrer-policy: same-origin
                                        x-content-options: nosniff
                                        x-frame-options: SAMEORIGIN
                                        cf-mitigated: challenge
                                        cf-chl-out: uTzJavH/HY6eJjH0coKl9a52vPpSavoZGCgnDcqnhMAgBTD0pL+RVkVW6AEKuyhmnix4mSiMVAu8y7ctq+q2MrD7U4VPfggv+y3hMcq9LuIPcA1Ph5l6AVFHxqun0yTjXS+dmoEHBT2keUKytNzzqQ==$HX/tPXcBCgpsk3VXj2toPQ==
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        expires: Thu, 01 Jan 1970 00:00:01 GMT
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4IhtX0OfRyRUSn31APtUiT0Vqb%2BbcYp1gy6FmTSZ%2B4ZWT%2FjS%2FbgRzVM4Fiy%2BcJvaTuDlyg3O5ymnzxf1yH92ma2hAAmUV5F%2B3a%2BU5pNZktu3KTCZ7VK9a2E4X150eXlTHYlAyCLG9g%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        vary: Accept-Encoding
                                        speculation-rules: "/cdn-cgi/speculation"
                                        server: cloudflare
                                        cf-ray: 8cc0ee89eeed35ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://www.webcheats.com.br/favicon.ico
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        GET /favicon.ico HTTP/2.0
                                        host: www.webcheats.com.br
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        sec-ch-ua-model:
                                        sec-ch-ua-platform: "Windows"
                                        accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: image
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        cookie: cf_chl_rc_m=1
                                        Response
                                        HTTP/2.0 403
                                        date: Wed, 02 Oct 2024 01:31:14 GMT
                                        content-type: text/html; charset=UTF-8
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-embedder-policy: require-corp
                                        cross-origin-opener-policy: same-origin
                                        cross-origin-resource-policy: same-origin
                                        origin-agent-cluster: ?1
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        referrer-policy: same-origin
                                        x-content-options: nosniff
                                        x-frame-options: SAMEORIGIN
                                        cf-mitigated: challenge
                                        cf-chl-out: OkAr9JOrifyqh9nnMUTPv7QrrTOF4YTeqnHXmfLBaZEi7MzVLuU+RGnj23s+KvM/ydSGMbSFKlJvOPG6nOjE5pLUzuSf1Hd+rQS7eC5r7Odu+gJ0bTkaMGPpZPB/dXdiegIKCm3hqbTtC7HuaT/TOw==$it/V560zNJc8CkH2DAnLfg==
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        expires: Thu, 01 Jan 1970 00:00:01 GMT
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6vuNHRbAAQ33SMMKsZoGxSkTYSdnGx99Ew53miwubD0UHoct51XbFxf7ceqX1weoDQYC2fpQzkMx2fIGubF07gKT%2B2qnv1m1ExN3RkUABVQNPzDtgya4xrP4l6JDSriK4TT4btmaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        vary: Accept-Encoding
                                        speculation-rules: "/cdn-cgi/speculation"
                                        server: cloudflare
                                        cf-ray: 8cc0ee8a5f1435ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        POST
                                        https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1048983481:1727828820:JpoOus7S8gWmGEotoVzh2IjrBDYfbALgGj3e9MgbYCs/8cc0ee881e1235ea/33190cd928b9c3a
                                        msedge.exe
                                        Remote address:
                                        104.21.233.140:443
                                        Request
                                        POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1048983481:1727828820:JpoOus7S8gWmGEotoVzh2IjrBDYfbALgGj3e9MgbYCs/8cc0ee881e1235ea/33190cd928b9c3a HTTP/2.0
                                        host: www.webcheats.com.br
                                        content-length: 2041
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        sec-ch-ua-arch: "x86"
                                        sec-ch-ua-full-version: "92.0.902.67"
                                        sec-ch-ua-platform-version: "10.0"
                                        content-type: application/x-www-form-urlencoded
                                        sec-ch-ua-model:
                                        cf-challenge: 33190cd928b9c3a
                                        sec-ch-ua-platform: "Windows"
                                        accept: */*
                                        origin: https://www.webcheats.com.br
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://www.webcheats.com.br/forum/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        cookie: cf_chl_rc_m=1
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:14 GMT
                                        content-type: text/plain; charset=UTF-8
                                        cf-chl-gen: b7k/TFvjMCcwvxLuvAfHCFWzIC3ejETK4kIiLhgbpDvRi5TuLPvDPxR8koECSXM4nRAOTLQE2A==$B5rueaqbiwYFN/Yu
                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcpwNckMWaU%2BVGQdq4L6jB8wJZHQ79hi0uowAywWNr4PjmxdCaF1QFUemFmtqfZvdwfhmfl2C%2BROFm0ivt8kjXXZxxApStHivvfpskv%2FiXebfy5PJsqED4OJByF9rk6xZh0SZmdp0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                        server: cloudflare
                                        cf-ray: 8cc0ee8a9f2c35ea-FRA
                                        content-encoding: br
                                      • flag-us
                                        DNS
                                        a.nel.cloudflare.com
                                        msedge.exe
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        a.nel.cloudflare.com
                                        IN A
                                        Response
                                        a.nel.cloudflare.com
                                        IN A
                                        35.190.80.1
                                      • flag-us
                                        OPTIONS
                                        https://a.nel.cloudflare.com/report/v4?s=hiMZuo62mlJTWZOYbD0hqLV8yrfcQDf6aSTDRzIFcPosPUi9qK7XcDI5dlASOIUO%2BdS780v1vMY4Zkcb9kVDk4ONu9kSVr3b%2FlJmmyRbo7PRvgpWQO1bA2KlaIPZpeAKE2lhb4SFxg%3D%3D
                                        msedge.exe
                                        Remote address:
                                        35.190.80.1:443
                                        Request
                                        OPTIONS /report/v4?s=hiMZuo62mlJTWZOYbD0hqLV8yrfcQDf6aSTDRzIFcPosPUi9qK7XcDI5dlASOIUO%2BdS780v1vMY4Zkcb9kVDk4ONu9kSVr3b%2FlJmmyRbo7PRvgpWQO1bA2KlaIPZpeAKE2lhb4SFxg%3D%3D HTTP/2.0
                                        host: a.nel.cloudflare.com
                                        origin: https://www.webcheats.com.br
                                        access-control-request-method: POST
                                        access-control-request-headers: content-type
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                      • flag-us
                                        POST
                                        https://a.nel.cloudflare.com/report/v4?s=hiMZuo62mlJTWZOYbD0hqLV8yrfcQDf6aSTDRzIFcPosPUi9qK7XcDI5dlASOIUO%2BdS780v1vMY4Zkcb9kVDk4ONu9kSVr3b%2FlJmmyRbo7PRvgpWQO1bA2KlaIPZpeAKE2lhb4SFxg%3D%3D
                                        msedge.exe
                                        Remote address:
                                        35.190.80.1:443
                                        Request
                                        POST /report/v4?s=hiMZuo62mlJTWZOYbD0hqLV8yrfcQDf6aSTDRzIFcPosPUi9qK7XcDI5dlASOIUO%2BdS780v1vMY4Zkcb9kVDk4ONu9kSVr3b%2FlJmmyRbo7PRvgpWQO1bA2KlaIPZpeAKE2lhb4SFxg%3D%3D HTTP/2.0
                                        host: a.nel.cloudflare.com
                                        content-length: 411
                                        content-type: application/reports+json
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                      • flag-us
                                        OPTIONS
                                        https://a.nel.cloudflare.com/report/v4?s=HVq2yDG%2FwPTDDOQMGfgrAu8aACUFa0QvBwYTR%2Fq3L6ekW0GS82GGAGz%2F6AdJrnlVeIsGzmIyDJNLVdEkYXIQ17sxAuJ2ABGwnpvtI8PxuMfvCxNA4WItsMnKGQSLEDFNu8BTm6CwjQ%3D%3D
                                        msedge.exe
                                        Remote address:
                                        35.190.80.1:443
                                        Request
                                        OPTIONS /report/v4?s=HVq2yDG%2FwPTDDOQMGfgrAu8aACUFa0QvBwYTR%2Fq3L6ekW0GS82GGAGz%2F6AdJrnlVeIsGzmIyDJNLVdEkYXIQ17sxAuJ2ABGwnpvtI8PxuMfvCxNA4WItsMnKGQSLEDFNu8BTm6CwjQ%3D%3D HTTP/2.0
                                        host: a.nel.cloudflare.com
                                        origin: https://www.webcheats.com.br
                                        access-control-request-method: POST
                                        access-control-request-headers: content-type
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                      • flag-us
                                        DNS
                                        challenges.cloudflare.com
                                        msedge.exe
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        challenges.cloudflare.com
                                        IN A
                                        Response
                                        challenges.cloudflare.com
                                        IN A
                                        104.18.94.41
                                        challenges.cloudflare.com
                                        IN A
                                        104.18.95.41
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        origin: https://www.webcheats.com.br
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        dnt: 1
                                        accept: */*
                                        sec-fetch-site: cross-site
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: script
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:09 GMT
                                        content-type: application/javascript; charset=UTF-8
                                        last-modified: Tue, 17 Sep 2024 16:06:37 GMT
                                        cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
                                        access-control-allow-origin: *
                                        cross-origin-resource-policy: cross-origin
                                        vary: Accept-Encoding
                                        server: cloudflare
                                        cf-ray: 8cc0eb7c9f1248b9-LHR
                                        content-encoding: br
                                      • flag-us
                                        DNS
                                        140.233.21.104.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        140.233.21.104.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        1.80.190.35.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        1.80.190.35.in-addr.arpa
                                        IN PTR
                                        Response
                                        1.80.190.35.in-addr.arpa
                                        IN PTR
                                        18019035bcgoogleusercontentcom
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        sec-ch-ua-mobile: ?0
                                        upgrade-insecure-requests: 1
                                        dnt: 1
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                        sec-fetch-site: cross-site
                                        sec-fetch-mode: navigate
                                        sec-fetch-dest: iframe
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:10 GMT
                                        content-type: text/html; charset=UTF-8
                                        referrer-policy: same-origin
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        document-policy: js-profiling
                                        content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-opener-policy: same-origin
                                        cross-origin-resource-policy: cross-origin
                                        origin-agent-cluster: ?1
                                        cross-origin-embedder-policy: require-corp
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        server: cloudflare
                                        cf-ray: 8cc0eb7dc9d993fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: image
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:10 GMT
                                        content-type: image/png
                                        content-length: 61
                                        cache-control: max-age=2629800, public
                                        server: cloudflare
                                        cf-ray: 8cc0eb7e5a3c93fa-LHR
                                        alt-svc: h3=":443"; ma=86400
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8cc0eb7dc9d993fa&lang=auto
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8cc0eb7dc9d993fa&lang=auto HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: */*
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: script
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:10 GMT
                                        content-type: application/javascript; charset=UTF-8
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        server: cloudflare
                                        cf-ray: 8cc0eb7e5a3e93fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        POST
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1833391092:1727828985:BQL7TdS7Je00XP6nEJRtWp6IGDpKYzjQEHR5qOPXrDo/8cc0eb7dc9d993fa/101889b5fad3358
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1833391092:1727828985:BQL7TdS7Je00XP6nEJRtWp6IGDpKYzjQEHR5qOPXrDo/8cc0eb7dc9d993fa/101889b5fad3358 HTTP/2.0
                                        host: challenges.cloudflare.com
                                        content-length: 3644
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        cf-challenge: 101889b5fad3358
                                        content-type: application/x-www-form-urlencoded
                                        accept: */*
                                        origin: https://challenges.cloudflare.com
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:10 GMT
                                        content-type: text/plain; charset=UTF-8
                                        cf-chl-gen: uCtHOY1T1Fyl9smPDmVi8DSCb2JDEczEUoQ0PI2cUyH58TJWG/fzLRjTj5A8ifDv/wwfPqugEsmvCo9W7rZXzxQNZGDfpBEABuK7+vkRKl59g/bt/oyxMIKVTTZzUtCqCQXc24QFNI8+IIDCBIVyGL8k5vlPMMtJTYh4Iu58mf2gB0RWWVhWW3/F20HJ4/cldCX/Riic+py6SlTKQbRVM8Yj1WzMZT8rh7PucjP+p67D/CO42RPtoEpxYzx+Y8h9xUXzkUXAelehYxdpcH+N36ugZ2VH7qXMJhOGEZ4B3YDP3HLsOzHknn99m4c6Q51wTVkh0uh7wnA/ymvmXScaXwV2uWo2QneFT+ufFtEMRd2VeoXa02UWq+tZhtOMS/RGmpk04ndWoVovHVTBGCGQPak7HY4LHroKSr8fkYVCBXSYr2ICg3ilFmXflAfbAUYVAFc5AWIln2R6vghplg==$D3tRws9zqvVBOP21
                                        server: cloudflare
                                        cf-ray: 8cc0eb7fab4793fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8cc0eb7dc9d993fa/1727832550362/461ddc3efd800341d65a2827cdd6a47b2fc5b2ac7f63c25a64fb541e5ee2cd25/3SvZtxE5kZ284T7
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/pat/8cc0eb7dc9d993fa/1727832550362/461ddc3efd800341d65a2827cdd6a47b2fc5b2ac7f63c25a64fb541e5ee2cd25/3SvZtxE5kZ284T7 HTTP/2.0
                                        host: challenges.cloudflare.com
                                        cache-control: max-age=0
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: */*
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 401
                                        date: Wed, 02 Oct 2024 01:29:11 GMT
                                        content-type: text/plain; charset=UTF-8
                                        content-length: 1
                                        www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gRh3cPv2AA0HWWignzdakey_Fsqx_Y8JaZPtUHl7izSUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAxpIQ8pg8hGd05KbJAkG1a7AHXWPHRpWvRWN4TyfS8G5mZIlaiyy15YT2ap9ucvVm0bPpNpyuVfHCX_nw5MPtOD2MWJTk-yMwq2EaiuOL9_hyR3JykLG25Q3Ruso08zUTfbqJ0t0I-7NomwvbG0PF3ARFppsmMmybE6qG5uyioR_eYlS0ULfDDo6jfgi4aiXhLCJwFcqRseNeOyWf-DwIm7B_zmu-FA_mCJlWAHA6EFEZ81LhYq4GVjl7_TfusSIr4rvWhY0ogvq8h4etid-jqlO_Ao4NBNrQZHXdevq3QTM9JoPBera0p3bX0nVHsPnunZX9gnHhG3Kr_OJUrC41lQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIEYd3D79gANB1looJ83WpHsvxbKsf2PCWmT7VB5e4s0lABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIEYd3D79gANB1looJ83WpHsvxbKsf2PCWmT7VB5e4s0lABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwOXxuf_YfH60WXLdHNNMi668yTzkAIuksAL2v5Hmho3odFuawAT0cyief1oGo8EaTM_mzmbWK1XdowTDWz2k8-mVmWsgyW3NdrIQwZo-pqOoSiMOVVjpDsnwZmGR_SeoYczHldSUjidO3m4djRGeWR4Iv7sZ131HRg8MZGc0BLoTAJ8WLryDVz1Kp_D_qSxsI1b5cap8Y1yGShRIAZ1O6b3zuooeDoLh9q098fsCdlZbnGh28gTNXgdkiFt_yjyaf5upGTHXcizT4TWTDdmvgSNE19n7ahXuj-_GH_XzP42QLUomcuqNEhu5wSj7XNnyRFURH19l6_sLROivytIY2wIDAQAB", max-age=20
                                        server: cloudflare
                                        cf-ray: 8cc0eb849e9793fa-LHR
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8cc0eb7dc9d993fa/1727832550364/xAYx1aGGYypGY2i
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/i/8cc0eb7dc9d993fa/1727832550364/xAYx1aGGYypGY2i HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: image
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:11 GMT
                                        content-type: image/png
                                        content-length: 61
                                        server: cloudflare
                                        cf-ray: 8cc0eb863fa793fa-LHR
                                      • flag-us
                                        POST
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1833391092:1727828985:BQL7TdS7Je00XP6nEJRtWp6IGDpKYzjQEHR5qOPXrDo/8cc0eb7dc9d993fa/101889b5fad3358
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1833391092:1727828985:BQL7TdS7Je00XP6nEJRtWp6IGDpKYzjQEHR5qOPXrDo/8cc0eb7dc9d993fa/101889b5fad3358 HTTP/2.0
                                        host: challenges.cloudflare.com
                                        content-length: 29759
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        cf-challenge: 101889b5fad3358
                                        content-type: application/x-www-form-urlencoded
                                        accept: */*
                                        origin: https://challenges.cloudflare.com
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:29:12 GMT
                                        content-type: text/plain; charset=UTF-8
                                        cf-chl-gen: +6orGDWatZeoiQT0dioWivp85FHFzQNvwvL+S3ilGTbyyGaA7+eQIk89BF/gYW0I3TYxl1zqGB3LjINX$GbLMew7i1U58qC9I
                                        server: cloudflare
                                        cf-ray: 8cc0eb89faaa93fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        sec-ch-ua-mobile: ?0
                                        upgrade-insecure-requests: 1
                                        dnt: 1
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                        sec-fetch-site: cross-site
                                        sec-fetch-mode: navigate
                                        sec-fetch-dest: iframe
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:15 GMT
                                        content-type: text/html; charset=UTF-8
                                        document-policy: js-profiling
                                        referrer-policy: same-origin
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                                        origin-agent-cluster: ?1
                                        cross-origin-opener-policy: same-origin
                                        content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
                                        accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                                        cross-origin-embedder-policy: require-corp
                                        cross-origin-resource-policy: cross-origin
                                        server: cloudflare
                                        cf-ray: 8cc0ee8cfb3593fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8cc0ee8cfb3593fa&lang=auto
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8cc0ee8cfb3593fa&lang=auto HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: */*
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: script
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:15 GMT
                                        content-type: application/javascript; charset=UTF-8
                                        cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                        server: cloudflare
                                        cf-ray: 8cc0ee8d7b8893fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        POST
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/255958294:1727828981:cGr6hxqsln1PWle9MmekrnlhqMAV0SF4-7Nk-zpZl2Q/8cc0ee8cfb3593fa/d0e68f56598e943
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        POST /cdn-cgi/challenge-platform/h/g/flow/ov1/255958294:1727828981:cGr6hxqsln1PWle9MmekrnlhqMAV0SF4-7Nk-zpZl2Q/8cc0ee8cfb3593fa/d0e68f56598e943 HTTP/2.0
                                        host: challenges.cloudflare.com
                                        content-length: 3642
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        cf-challenge: d0e68f56598e943
                                        content-type: application/x-www-form-urlencoded
                                        accept: */*
                                        origin: https://challenges.cloudflare.com
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:16 GMT
                                        content-type: text/plain; charset=UTF-8
                                        cf-chl-gen: yCXVYxSeOlyrxk1eDo8HYASj3JysiFFrXC5LXnssOBfD8sHIhdFCJim3pElt+kUMTBPS7WWO+5E7nwP1X17CixLCB4k0zMkJfAIlqXosTZyQ0BDU9CCUSAuNIRMsre9W2+kywoRIKad+AAk3uX6RDHZO/jXxCrK5+XLGEkT+1c27HKf+LV8jhlkDNo+Y2SNRlk8vFtR+o+byvVz5CSlj7zPVlRws9Nqy0QH3vJlIQxRuwtbupbPGLTVZyI2D5dnyNk81v8sYWEMqjvypz5WTnOJdch1O+vR0yjLTm8/t0YM/4tRrb+SFf4yMlhcGnGbHXl449Tb3htlKFu7DGbMA3zYcHQUV5AFpKbTw2pZvmnLyaQtJSGDW638kja2Z4EjQ56toKLtgHTHwAqTrXYlkxcWvuRk0yop6y3+lHz7TQ4pBzXhIVIXNznYpLpmQWjM87ghcJOZSEWrczwxk6+K6nq3RIxaPNoQoYrA3$Cp0hboSBzxIypSM5
                                        server: cloudflare
                                        cf-ray: 8cc0ee8ecc2893fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8cc0ee8cfb3593fa/1727832676209/cb0a34640ec22358ff45a6693ab53d5aeec5dd8bfaf0ba87955a2598c81a2380/KXRNPXnx_aqNMkT
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/pat/8cc0ee8cfb3593fa/1727832676209/cb0a34640ec22358ff45a6693ab53d5aeec5dd8bfaf0ba87955a2598c81a2380/KXRNPXnx_aqNMkT HTTP/2.0
                                        host: challenges.cloudflare.com
                                        cache-control: max-age=0
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: */*
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 401
                                        date: Wed, 02 Oct 2024 01:31:17 GMT
                                        content-type: text/plain; charset=UTF-8
                                        content-length: 1
                                        www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gywo0ZA7CI1j_RaZpOrU9Wu7F3Yv68LqHlVolmMgaI4AAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAxpIQ8pg8hGd05KbJAkG1a7AHXWPHRpWvRWN4TyfS8G5mZIlaiyy15YT2ap9ucvVm0bPpNpyuVfHCX_nw5MPtOD2MWJTk-yMwq2EaiuOL9_hyR3JykLG25Q3Ruso08zUTfbqJ0t0I-7NomwvbG0PF3ARFppsmMmybE6qG5uyioR_eYlS0ULfDDo6jfgi4aiXhLCJwFcqRseNeOyWf-DwIm7B_zmu-FA_mCJlWAHA6EFEZ81LhYq4GVjl7_TfusSIr4rvWhY0ogvq8h4etid-jqlO_Ao4NBNrQZHXdevq3QTM9JoPBera0p3bX0nVHsPnunZX9gnHhG3Kr_OJUrC41lQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIMsKNGQOwiNY_0WmaTq1PVruxd2L-vC6h5VaJZjIGiOAABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMsKNGQOwiNY_0WmaTq1PVruxd2L-vC6h5VaJZjIGiOAABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwOXxuf_YfH60WXLdHNNMi668yTzkAIuksAL2v5Hmho3odFuawAT0cyief1oGo8EaTM_mzmbWK1XdowTDWz2k8-mVmWsgyW3NdrIQwZo-pqOoSiMOVVjpDsnwZmGR_SeoYczHldSUjidO3m4djRGeWR4Iv7sZ131HRg8MZGc0BLoTAJ8WLryDVz1Kp_D_qSxsI1b5cap8Y1yGShRIAZ1O6b3zuooeDoLh9q098fsCdlZbnGh28gTNXgdkiFt_yjyaf5upGTHXcizT4TWTDdmvgSNE19n7ahXuj-_GH_XzP42QLUomcuqNEhu5wSj7XNnyRFURH19l6_sLROivytIY2wIDAQAB", max-age=20
                                        server: cloudflare
                                        cf-ray: 8cc0ee97d97a93fa-LHR
                                      • flag-us
                                        GET
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8cc0ee8cfb3593fa/1727832676211/cjASBNZdaX5uEpE
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        GET /cdn-cgi/challenge-platform/h/g/i/8cc0ee8cfb3593fa/1727832676211/cjASBNZdaX5uEpE HTTP/2.0
                                        host: challenges.cloudflare.com
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: no-cors
                                        sec-fetch-dest: image
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:17 GMT
                                        content-type: image/png
                                        content-length: 61
                                        server: cloudflare
                                        cf-ray: 8cc0ee9a0a8c93fa-LHR
                                      • flag-us
                                        POST
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/255958294:1727828981:cGr6hxqsln1PWle9MmekrnlhqMAV0SF4-7Nk-zpZl2Q/8cc0ee8cfb3593fa/d0e68f56598e943
                                        msedge.exe
                                        Remote address:
                                        104.18.94.41:443
                                        Request
                                        POST /cdn-cgi/challenge-platform/h/g/flow/ov1/255958294:1727828981:cGr6hxqsln1PWle9MmekrnlhqMAV0SF4-7Nk-zpZl2Q/8cc0ee8cfb3593fa/d0e68f56598e943 HTTP/2.0
                                        host: challenges.cloudflare.com
                                        content-length: 30368
                                        sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                        dnt: 1
                                        sec-ch-ua-mobile: ?0
                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                        cf-challenge: d0e68f56598e943
                                        content-type: application/x-www-form-urlencoded
                                        accept: */*
                                        origin: https://challenges.cloudflare.com
                                        sec-fetch-site: same-origin
                                        sec-fetch-mode: cors
                                        sec-fetch-dest: empty
                                        referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
                                        accept-encoding: gzip, deflate, br
                                        accept-language: en-US,en;q=0.9
                                        Response
                                        HTTP/2.0 200
                                        date: Wed, 02 Oct 2024 01:31:18 GMT
                                        content-type: text/plain; charset=UTF-8
                                        cf-chl-gen: 22GUXmxETZnbzzZUQFNswb+F30j8YeptaC+/aRfSJofD97KbUsgRHNCEGXPMQe4ZwSwEBjymekJle7Mb$6c8lpas6bxlSBBE/
                                        server: cloudflare
                                        cf-ray: 8cc0ee9cbc0893fa-LHR
                                        content-encoding: br
                                      • flag-us
                                        DNS
                                        41.94.18.104.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        41.94.18.104.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        28.118.140.52.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        28.118.140.52.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        133.211.185.52.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        133.211.185.52.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        50.23.12.20.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        50.23.12.20.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        241.42.69.40.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        241.42.69.40.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        172.210.232.199.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        172.210.232.199.in-addr.arpa
                                        IN PTR
                                        Response
                                      • flag-us
                                        DNS
                                        83.210.23.2.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        83.210.23.2.in-addr.arpa
                                        IN PTR
                                        Response
                                        83.210.23.2.in-addr.arpa
                                        IN PTR
                                        a2-23-210-83deploystaticakamaitechnologiescom
                                      • flag-us
                                        DNS
                                        11.227.111.52.in-addr.arpa
                                        Remote address:
                                        8.8.8.8:53
                                        Request
                                        11.227.111.52.in-addr.arpa
                                        IN PTR
                                        Response
                                      • 104.21.233.140:80
                                        http://www.webcheats.com.br/forum/
                                        http
                                        msedge.exe
                                        780 B
                                         1.1kB
                                         7
                                        5

                                        HTTP Request

                                        GET http://www.webcheats.com.br/forum/

                                        HTTP Response

                                        301
                                      • 104.21.233.140:80
                                        www.webcheats.com.br
                                        msedge.exe
                                        190 B
                                         132 B
                                         4
                                        3
                                      • 104.21.233.140:80
                                        www.webcheats.com.br
                                        msedge.exe
                                        190 B
                                         132 B
                                         4
                                        3
                                      • 104.21.233.140:443
                                        https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1048983481:1727828820:JpoOus7S8gWmGEotoVzh2IjrBDYfbALgGj3e9MgbYCs/8cc0ee881e1235ea/33190cd928b9c3a
                                        tls, http2
                                        msedge.exe
                                        16.5kB
                                         203.9kB
                                         143
                                        209

                                        HTTP Request

                                        GET https://www.webcheats.com.br/forum/

                                        HTTP Response

                                        403

                                        HTTP Request

                                        GET https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cc0eb78ee0d35ea

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://www.webcheats.com.br/favicon.ico

                                        HTTP Response

                                        403

                                        HTTP Request

                                        GET https://www.webcheats.com.br/favicon.ico

                                        HTTP Request

                                        POST https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/948415362:1727828881:2g3a0u8RXE76oWU6zm62O9g7O2fgpUZjCdp3DY_BCI8/8cc0eb78ee0d35ea/31aaad730fdd467

                                        HTTP Response

                                        403

                                        HTTP Response

                                        200

                                        HTTP Request

                                        POST https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/948415362:1727828881:2g3a0u8RXE76oWU6zm62O9g7O2fgpUZjCdp3DY_BCI8/8cc0eb78ee0d35ea/31aaad730fdd467

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://www.webcheats.com.br/forum/

                                        HTTP Response

                                        403

                                        HTTP Request

                                        GET https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cc0ee881e1235ea

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://www.webcheats.com.br/favicon.ico

                                        HTTP Response

                                        403

                                        HTTP Request

                                        GET https://www.webcheats.com.br/favicon.ico

                                        HTTP Request

                                        POST https://www.webcheats.com.br/cdn-cgi/challenge-platform/h/g/flow/ov1/1048983481:1727828820:JpoOus7S8gWmGEotoVzh2IjrBDYfbALgGj3e9MgbYCs/8cc0ee881e1235ea/33190cd928b9c3a

                                        HTTP Response

                                        403

                                        HTTP Response

                                        200
                                      • 35.190.80.1:443
                                        https://a.nel.cloudflare.com/report/v4?s=HVq2yDG%2FwPTDDOQMGfgrAu8aACUFa0QvBwYTR%2Fq3L6ekW0GS82GGAGz%2F6AdJrnlVeIsGzmIyDJNLVdEkYXIQ17sxAuJ2ABGwnpvtI8PxuMfvCxNA4WItsMnKGQSLEDFNu8BTm6CwjQ%3D%3D
                                        tls, http2
                                        msedge.exe
                                        3.2kB
                                         5.3kB
                                         24
                                        25

                                        HTTP Request

                                        OPTIONS https://a.nel.cloudflare.com/report/v4?s=hiMZuo62mlJTWZOYbD0hqLV8yrfcQDf6aSTDRzIFcPosPUi9qK7XcDI5dlASOIUO%2BdS780v1vMY4Zkcb9kVDk4ONu9kSVr3b%2FlJmmyRbo7PRvgpWQO1bA2KlaIPZpeAKE2lhb4SFxg%3D%3D

                                        HTTP Request

                                        POST https://a.nel.cloudflare.com/report/v4?s=hiMZuo62mlJTWZOYbD0hqLV8yrfcQDf6aSTDRzIFcPosPUi9qK7XcDI5dlASOIUO%2BdS780v1vMY4Zkcb9kVDk4ONu9kSVr3b%2FlJmmyRbo7PRvgpWQO1bA2KlaIPZpeAKE2lhb4SFxg%3D%3D

                                        HTTP Request

                                        OPTIONS https://a.nel.cloudflare.com/report/v4?s=HVq2yDG%2FwPTDDOQMGfgrAu8aACUFa0QvBwYTR%2Fq3L6ekW0GS82GGAGz%2F6AdJrnlVeIsGzmIyDJNLVdEkYXIQ17sxAuJ2ABGwnpvtI8PxuMfvCxNA4WItsMnKGQSLEDFNu8BTm6CwjQ%3D%3D
                                      • 104.18.94.41:443
                                        https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
                                        tls, http2
                                        msedge.exe
                                        2.3kB
                                         20.5kB
                                         27
                                        28

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit

                                        HTTP Response

                                        200
                                      • 104.18.94.41:443
                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/255958294:1727828981:cGr6hxqsln1PWle9MmekrnlhqMAV0SF4-7Nk-zpZl2Q/8cc0ee8cfb3593fa/d0e68f56598e943
                                        tls, http2
                                        msedge.exe
                                        88.6kB
                                         469.1kB
                                         298
                                        434

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/72doa/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/cgqGdwECWZ0l%2BqhlK11yd%2Bx5hS12pvhB1sHMXO%2F%2F%2F3U%3D

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8cc0eb7dc9d993fa&lang=auto

                                        HTTP Response

                                        200

                                        HTTP Response

                                        200

                                        HTTP Request

                                        POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1833391092:1727828985:BQL7TdS7Je00XP6nEJRtWp6IGDpKYzjQEHR5qOPXrDo/8cc0eb7dc9d993fa/101889b5fad3358

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8cc0eb7dc9d993fa/1727832550362/461ddc3efd800341d65a2827cdd6a47b2fc5b2ac7f63c25a64fb541e5ee2cd25/3SvZtxE5kZ284T7

                                        HTTP Response

                                        401

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8cc0eb7dc9d993fa/1727832550364/xAYx1aGGYypGY2i

                                        HTTP Response

                                        200

                                        HTTP Request

                                        POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1833391092:1727828985:BQL7TdS7Je00XP6nEJRtWp6IGDpKYzjQEHR5qOPXrDo/8cc0eb7dc9d993fa/101889b5fad3358

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sqyqo/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8cc0ee8cfb3593fa&lang=auto

                                        HTTP Response

                                        200

                                        HTTP Request

                                        POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/255958294:1727828981:cGr6hxqsln1PWle9MmekrnlhqMAV0SF4-7Nk-zpZl2Q/8cc0ee8cfb3593fa/d0e68f56598e943

                                        HTTP Response

                                        200

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8cc0ee8cfb3593fa/1727832676209/cb0a34640ec22358ff45a6693ab53d5aeec5dd8bfaf0ba87955a2598c81a2380/KXRNPXnx_aqNMkT

                                        HTTP Response

                                        401

                                        HTTP Request

                                        GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8cc0ee8cfb3593fa/1727832676211/cjASBNZdaX5uEpE

                                        HTTP Response

                                        200

                                        HTTP Request

                                        POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/255958294:1727828981:cGr6hxqsln1PWle9MmekrnlhqMAV0SF4-7Nk-zpZl2Q/8cc0ee8cfb3593fa/d0e68f56598e943

                                        HTTP Response

                                        200
                                      • 8.8.8.8:53
                                        www.webcheats.com.br
                                        dns
                                        msedge.exe
                                        132 B
                                         98 B
                                         2
                                        1

                                        DNS Request

                                        www.webcheats.com.br

                                        DNS Request

                                        www.webcheats.com.br

                                        DNS Response

                                        104.21.233.140
                                        104.21.233.139

                                      • 8.8.8.8:53
                                        104.219.191.52.in-addr.arpa
                                        dns
                                        73 B
                                         147 B
                                         1
                                        1

                                        DNS Request

                                        104.219.191.52.in-addr.arpa

                                      • 8.8.8.8:53
                                        68.32.126.40.in-addr.arpa
                                        dns
                                        71 B
                                         157 B
                                         1
                                        1

                                        DNS Request

                                        68.32.126.40.in-addr.arpa

                                      • 8.8.8.8:53
                                        95.221.229.192.in-addr.arpa
                                        dns
                                        73 B
                                         144 B
                                         1
                                        1

                                        DNS Request

                                        95.221.229.192.in-addr.arpa

                                      • 8.8.8.8:53
                                        a.nel.cloudflare.com
                                        dns
                                        msedge.exe
                                        66 B
                                         82 B
                                         1
                                        1

                                        DNS Request

                                        a.nel.cloudflare.com

                                        DNS Response

                                        35.190.80.1

                                      • 35.190.80.1:443
                                        a.nel.cloudflare.com
                                        https
                                        msedge.exe
                                        1.7kB
                                         3.9kB
                                         4
                                        6
                                      • 8.8.8.8:53
                                        challenges.cloudflare.com
                                        dns
                                        msedge.exe
                                        71 B
                                         103 B
                                         1
                                        1

                                        DNS Request

                                        challenges.cloudflare.com

                                        DNS Response

                                        104.18.94.41
                                        104.18.95.41

                                      • 8.8.8.8:53
                                        140.233.21.104.in-addr.arpa
                                        dns
                                        73 B
                                         135 B
                                         1
                                        1

                                        DNS Request

                                        140.233.21.104.in-addr.arpa

                                      • 8.8.8.8:53
                                        1.80.190.35.in-addr.arpa
                                        dns
                                        70 B
                                         120 B
                                         1
                                        1

                                        DNS Request

                                        1.80.190.35.in-addr.arpa

                                      • 8.8.8.8:53
                                        41.94.18.104.in-addr.arpa
                                        dns
                                        71 B
                                         133 B
                                         1
                                        1

                                        DNS Request

                                        41.94.18.104.in-addr.arpa

                                      • 224.0.0.251:5353
                                        390 B
                                         6
                                      • 8.8.8.8:53
                                        28.118.140.52.in-addr.arpa
                                        dns
                                        72 B
                                         158 B
                                         1
                                        1

                                        DNS Request

                                        28.118.140.52.in-addr.arpa

                                      • 8.8.8.8:53
                                        133.211.185.52.in-addr.arpa
                                        dns
                                        73 B
                                         147 B
                                         1
                                        1

                                        DNS Request

                                        133.211.185.52.in-addr.arpa

                                      • 8.8.8.8:53
                                        50.23.12.20.in-addr.arpa
                                        dns
                                        70 B
                                         156 B
                                         1
                                        1

                                        DNS Request

                                        50.23.12.20.in-addr.arpa

                                      • 8.8.8.8:53
                                        241.42.69.40.in-addr.arpa
                                        dns
                                        71 B
                                         145 B
                                         1
                                        1

                                        DNS Request

                                        241.42.69.40.in-addr.arpa

                                      • 8.8.8.8:53
                                        172.210.232.199.in-addr.arpa
                                        dns
                                        74 B
                                         128 B
                                         1
                                        1

                                        DNS Request

                                        172.210.232.199.in-addr.arpa

                                      • 8.8.8.8:53
                                        83.210.23.2.in-addr.arpa
                                        dns
                                        70 B
                                         133 B
                                         1
                                        1

                                        DNS Request

                                        83.210.23.2.in-addr.arpa

                                      • 35.190.80.1:443
                                        a.nel.cloudflare.com
                                        https
                                        msedge.exe
                                        3.4kB
                                         4.2kB
                                         10
                                        10
                                      • 8.8.8.8:53
                                        11.227.111.52.in-addr.arpa
                                        dns
                                        72 B
                                         158 B
                                         1
                                        1

                                        DNS Request

                                        11.227.111.52.in-addr.arpa

                                      • 35.190.80.1:443
                                        a.nel.cloudflare.com
                                        https
                                        msedge.exe
                                        4.0kB
                                         4.1kB
                                         8
                                        8

                                      MITRE ATT&CK Enterprise v15

                                      Replay Monitor

                                      Loading Replay Monitor...

                                      Downloads

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                        Filesize

                                        152B

                                        MD5

                                        ff63763eedb406987ced076e36ec9acf

                                        SHA1

                                        16365aa97cd1a115412f8ae436d5d4e9be5f7b5d

                                        SHA256

                                        8f460e8b7a67f0c65b7248961a7c71146c9e7a19772b193972b486dbf05b8e4c

                                        SHA512

                                        ce90336169c8b2de249d4faea2519bf7c3df48ae9d77cdf471dd5dbd8e8542d47d9348080a098074aa63c255890850ee3b80ddb8eef8384919fdca3bb9371d9f

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                        Filesize

                                        152B

                                        MD5

                                        2783c40400a8912a79cfd383da731086

                                        SHA1

                                        001a131fe399c30973089e18358818090ca81789

                                        SHA256

                                        331fa67da5f67bbb42794c3aeab8f7819f35347460ffb352ccc914e0373a22c5

                                        SHA512

                                        b7c7d3aa966ad39a86aae02479649d74dcbf29d9cb3a7ff8b9b2354ea60704da55f5c0df803fd0a7191170a8e72fdd5eacfa1a739d7a74e390a7b74bdced1685

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                        Filesize

                                        168B

                                        MD5

                                        9cd06b8470897e95a587192a845bef1b

                                        SHA1

                                        92d0d49b842c8467b5994bc9e9d48023cafa0704

                                        SHA256

                                        a92882c3006b8c15a2dfa05b4999074a7093662e273814a0be1cd2b9ad23d559

                                        SHA512

                                        21c18e05fddb46d9fdedc1386340cee047a818b22510177f482aa3c595c60325bb88a492c1bdf7e16095a2058347787581d33644b58d81b3c920fefea6216d26

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                        Filesize

                                        120B

                                        MD5

                                        bdac21b4b5bec86cf5ebd90ebe56ac6c

                                        SHA1

                                        acf14497734b8fa41fa2ae7e545114744c1eda72

                                        SHA256

                                        03da2c10bd2d4938bb1ba2f53fd8a3ff47234de25694404508661e07c8d87840

                                        SHA512

                                        11f4259ee673517879c7266f488fdcc38f229145e9f7bc81abe591d00448a74203d079233134f42caa937a63145a69d6f9f9c565c79f3f928db0f4be85bdb831

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                        Filesize

                                        561B

                                        MD5

                                        10feb13b786c2f5f3d7c5dc335244924

                                        SHA1

                                        6439fa5af57dd8cb29e94eb7548323f096a3e4e1

                                        SHA256

                                        a44bc2008575c5586c28694795ddf7a02d013c815c81296b2c36a535ee77a622

                                        SHA512

                                        86bc4fee7e56c96ccd4ed6014c694996006a136ac57daaa5a33a3816f91e47d1a1e0b7cee0ab18683a7ce8edd041c294942803fa45324283e73edb8ce9303ba9

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                        Filesize

                                        6KB

                                        MD5

                                        ca959bc7029a7825fbe376e0b1d28aeb

                                        SHA1

                                        b69cf279c44536a7e0b3074ade919482c5902c1d

                                        SHA256

                                        fabf1c91aa399c6efbf55ee1a47b18bfc0c42e4c41c3b1742fc204d82d72e8b5

                                        SHA512

                                        e9bc38cd62fa2f2263dc040ef1cd0b89967732bf49ca0e76e450b679f5bae4753e418ed1987d932f57836cb1d6c7d84824cc37bf39ffdd77bcca757975f7c08d

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                        Filesize

                                        6KB

                                        MD5

                                        59e56ddb0f5b7eaae4d17086a10c0d26

                                        SHA1

                                        a5cf36d4cf841912dd3145866765fa83976815fd

                                        SHA256

                                        a1d783e4f92720e8d4abe59b5e39362a7b7203fb29b6518f4d027255fc12daed

                                        SHA512

                                        307321e5b20707567fd94b877825d09bbc25bc34d629499749f4597e7a7c2f9cc2fb40163e0cd079953c4da1e0bd85136a5d8e7c3d3d5d69857af7238af27a16

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                        Filesize

                                        5KB

                                        MD5

                                        66a274073bcef386b6066911eb787842

                                        SHA1

                                        ab270b7d8e6d22677b17069a8dde942cca63d4b5

                                        SHA256

                                        cbbe54df291ce08baa427756f0bcae2f8bab6377a0df137eac8c59c6b32b5164

                                        SHA512

                                        9bf16cddbf31649ecf133b8c75f9ac2fcbafc5f6d92cf8147470cff4e5d6c09916117c3b7b5e74ff8f1006896f2d054233e880ef032730dd212f7e401675d166

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                        Filesize

                                        16B

                                        MD5

                                        6752a1d65b201c13b62ea44016eb221f

                                        SHA1

                                        58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                        SHA256

                                        0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                        SHA512

                                        9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                        Download Submit

                                      • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                        Filesize

                                        10KB

                                        MD5

                                        aa7f9b1c4c724ad00f5c61763d7837ca

                                        SHA1

                                        d94edb4f910d997c031b93764af29de444ec1be4

                                        SHA256

                                        bb0d857c8fabaf1c48d55e829571ee9ac22ffb8593f972512ab25f1eaa9e3051

                                        SHA512

                                        7de22b34fe04060ac3d3ad8b9d840d5792b80b0ce7299364ade9cc271d6bd51f9d4dcb8056fa662ecb76ab794b033f35e11b3b977b349c5f193ca4c6e793bc6a

                                        Download Submit

                                      • memory/4508-46-0x0000000000B20000-0x0000000000B21000-memory.dmp

                                        Filesize

                                        4KB

                                        Download

                                      • memory/4508-0-0x0000000000B20000-0x0000000000B21000-memory.dmp

                                        Filesize

                                        4KB

                                        Download

                                      • memory/4508-61-0x0000000000400000-0x00000000004CD000-memory.dmp

                                        Filesize

                                        820KB

                                        Download

                                      • memory/4508-45-0x0000000000400000-0x00000000004CD000-memory.dmp

                                        Filesize

                                        820KB

                                        Download

                                      We care about your privacy.

                                      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.