Windows Analysis Report
https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1

Overview

General Information

Sample URL:	https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1
Analysis ID:	1466501
Infos:

Detection

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Antivirus detection for URL or domain

Snort IDS alert for network traffic

HTML body contains low number of good links

Invalid T&C link found

Stores files to the Windows start menu directory

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1	Avira URL Cloud: detection malicious, Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1	SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://delivery.attempt.failure.ebbs.co.za/public/js/session-recorder.js	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/public/js/app.js	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/favicon.ico	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/images/foo.png	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/public	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/images/all.png	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/images/logo.png	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/public/css/app.css	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/public/	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ/	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c	Avira URL Cloud: Label: phishing

HTML body contains low number of good links

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: Number of links: 0

Invalid T&C link found

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Help and support
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Help and support
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Help and support
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Terms and conditions
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Terms and conditions
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: privacy Notice
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Legal notice

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: No favicon

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: No <meta name="author".. found

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49716 version: TLS 1.2

Networking

Snort IDS alert for network traffic

Source: Traffic

Snort IDS: 2014545 ET CURRENT_EVENTS TDS Sutra - page redirecting to a SutraTDS 41.185.8.221:443 -> 192.168.2.5:49717

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkRTMmJyQ1ZvNzVyblRnL3R3UHgyY0E9PSIsInZhbHVlIjoiclhMV0JUUVd6S0FvOExGOFA5ZTlLTThvUENMQXZZdlUvaDdDRHhITDNWWVBBU0VNaXdLWmgxSFEwWHovZHRUZVhLV0o3K2UvRCt0M2lXZEkyY0J0cFMxNEY5NVk2bXZPdmhwN1NLWUlrWFFEYzVyb2tneE9ReWZQd1dNS3hKMmoiLCJtYWMiOiJhOGI5Y2RiODY1MzMzNDU5NDBhMDIxY2U4N2Y4MjFlN2VjNDNkMzRlMGExNDUzNTM1ZWUzYzM5NWU3NmI1YzAyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Imtwb2NIbEhQTU9sU0I5Um1PRCtHT1E9PSIsInZhbHVlIjoiaVArQjJYdGFKWUg3akp4cFFxbFdmZS9SeVZ3cnhkOHpGSXJsRm1nbkFMQUhPaVJwTVB3eEpONFlVL2h5VGxaRm1XYUVjTVVJWTBXT3dRdWJjejlKbUYwa0V2YlhRK20xWmtHUC91VkRQZDVvMmlKQWJtcjJDRWN6S1FFcm94UzkiLCJtYWMiOiIwZDRiZjgzNTg0Mzc5ZDUzZDRiODBkZWJiYTZlNmNlZjgwNDQyYzViZTI5MjRiYjg2MzA1NDkwOWM0ZjIwM2YxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/ HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkRTMmJyQ1ZvNzVyblRnL3R3UHgyY0E9PSIsInZhbHVlIjoiclhMV0JUUVd6S0FvOExGOFA5ZTlLTThvUENMQXZZdlUvaDdDRHhITDNWWVBBU0VNaXdLWmgxSFEwWHovZHRUZVhLV0o3K2UvRCt0M2lXZEkyY0J0cFMxNEY5NVk2bXZPdmhwN1NLWUlrWFFEYzVyb2tneE9ReWZQd1dNS3hKMmoiLCJtYWMiOiJhOGI5Y2RiODY1MzMzNDU5NDBhMDIxY2U4N2Y4MjFlN2VjNDNkMzRlMGExNDUzNTM1ZWUzYzM5NWU3NmI1YzAyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Imtwb2NIbEhQTU9sU0I5Um1PRCtHT1E9PSIsInZhbHVlIjoiaVArQjJYdGFKWUg3akp4cFFxbFdmZS9SeVZ3cnhkOHpGSXJsRm1nbkFMQUhPaVJwTVB3eEpONFlVL2h5VGxaRm1XYUVjTVVJWTBXT3dRdWJjejlKbUYwa0V2YlhRK20xWmtHUC91VkRQZDVvMmlKQWJtcjJDRWN6S1FFcm94UzkiLCJtYWMiOiIwZDRiZjgzNTg0Mzc5ZDUzZDRiODBkZWJiYTZlNmNlZjgwNDQyYzViZTI5MjRiYjg2MzA1NDkwOWM0ZjIwM2YxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ/ HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://delivery.attempt.failure.ebbs.co.za/public/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ilp6b0RzakR5N2o1TlE3czFtWGk1L3c9PSIsInZhbHVlIjoiTWlYM1EvZE9uakloRXhIRG95eW5CRm5sdmREVU91elpjTnFFNjdxQUlZUnF4K2ZMUjdCSHVQOVF4SXlxT0FGaHpCK2hMNlNCcHlIM2pYbko4M2JqOFljUyszMmRsRTVvK0ZuK0hXYzZqZG9GTmozYndRNlhGNmJUTndxai9VdDkiLCJtYWMiOiI5ZDM3M2I0MjM3MDg5OGE0OTg0NjlmYzdiZjk5OTRkMjU2NGZhN2MwMDJhMjkxNGM5NzlhYmQ2YWEzZjljOTY5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImFPRHhtYzduU3pIa3JuQ3VTQ3BLUFE9PSIsInZhbHVlIjoibXdhK1ZyejJkZlBCVnpmNE42OXJZK1VYY1lrelpXdUQ2cVRWWWExeC9nOWYyaEVOekRQdDhvaWRPOU1hdTBVVC9XUUFNVXQ2c0VIeGg5QkVoSlZzYVJBSmxpUlpvNTRiYWpWOEpKVHU0WkY2VnBtWG9ldHdjMC9BZWg2cjhaMFEiLCJtYWMiOiIxYjM4MjFkZmE5NWZhYjM5ZjA0ZTM2OThkNDZkYjk5N2UxMzI3YmE2N2IxYzI5ZDk2MjRiOTZiMWZmYTcyYTFjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://delivery.attempt.failure.ebbs.co.za/public/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ilp6b0RzakR5N2o1TlE3czFtWGk1L3c9PSIsInZhbHVlIjoiTWlYM1EvZE9uakloRXhIRG95eW5CRm5sdmREVU91elpjTnFFNjdxQUlZUnF4K2ZMUjdCSHVQOVF4SXlxT0FGaHpCK2hMNlNCcHlIM2pYbko4M2JqOFljUyszMmRsRTVvK0ZuK0hXYzZqZG9GTmozYndRNlhGNmJUTndxai9VdDkiLCJtYWMiOiI5ZDM3M2I0MjM3MDg5OGE0OTg0NjlmYzdiZjk5OTRkMjU2NGZhN2MwMDJhMjkxNGM5NzlhYmQ2YWEzZjljOTY5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImFPRHhtYzduU3pIa3JuQ3VTQ3BLUFE9PSIsInZhbHVlIjoibXdhK1ZyejJkZlBCVnpmNE42OXJZK1VYY1lrelpXdUQ2cVRWWWExeC9nOWYyaEVOekRQdDhvaWRPOU1hdTBVVC9XUUFNVXQ2c0VIeGg5QkVoSlZzYVJBSmxpUlpvNTRiYWpWOEpKVHU0WkY2VnBtWG9ldHdjMC9BZWg2cjhaMFEiLCJtYWMiOiIxYjM4MjFkZmE5NWZhYjM5ZjA0ZTM2OThkNDZkYjk5N2UxMzI3YmE2N2IxYzI5ZDk2MjRiOTZiMWZmYTcyYTFjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/css/app.css HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /images/all.png HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /logger-1.min.js HTTP/1.1Host: cdn.lr-in.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/foo.png HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/js/app.js HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/js/session-recorder.js HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/hotjar-2895475.js?sv=6 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /modules.e4b2dc39f985f11fb1e4.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1Host: ws-mt1.pusher.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://delivery.attempt.failure.ebbs.co.zaSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: Wkd4dtqgPdzjmhDbhGPzcQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29
Source: global traffic	HTTP traffic detected: GET /sessions/2895475?s=0.25&r=0.14830780915293795 HTTP/1.1Host: vc.hotjar.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://delivery.attempt.failure.ebbs.co.zaSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

Source: global traffic	DNS traffic detected: DNS query: delivery.attempt.failure.ebbs.co.za
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: files.killbot.org
Source: global traffic	DNS traffic detected: DNS query: kit.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ka-f.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: cdn.lr-in.com
Source: global traffic	DNS traffic detected: DNS query: static.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ws-mt1.pusher.com
Source: global traffic	DNS traffic detected: DNS query: script.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: sockjs-mt1.pusher.com
Source: global traffic	DNS traffic detected: DNS query: vc.hotjar.io
Source: global traffic	DNS traffic detected: DNS query: r.lr-in.com

Source: unknown

HTTP traffic detected: POST /report/v4?s=n6UGn5ZkMFVkM7HffeoOtw%2F8L4E02dPg0dpuzSeGp7Gfhn%2Fafw0%2BTkGFkHa7QtfjyQBu56xc3fPEojuAW2W7MvQmy3B0QytAOSKTVCjoBoLA2mRT5dFHotzWDrn0nQBhAShsuucnKA%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 480Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:15 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:17 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:18 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:18 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:20 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private

Source: chromecache_82.1.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_82.1.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_84.1.dr	String found in binary or memory: http://js.pusher.com
Source: chromecache_81.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Source: chromecache_81.1.dr	String found in binary or memory: https://delivery.attempt.failure.ebbs.co.za/public/css/app.css
Source: chromecache_81.1.dr	String found in binary or memory: https://delivery.attempt.failure.ebbs.co.za/public/js/app.js
Source: chromecache_81.1.dr	String found in binary or memory: https://delivery.attempt.failure.ebbs.co.za/public/js/session-recorder.js
Source: chromecache_75.1.dr, chromecache_81.1.dr	String found in binary or memory: https://files.killbot.org/.cdn-cgi/killbot-security.js
Source: chromecache_92.1.dr, chromecache_86.1.dr, chromecache_79.1.dr, chromecache_77.1.dr, chromecache_90.1.dr, chromecache_88.1.dr, chromecache_98.1.dr, chromecache_96.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_92.1.dr, chromecache_86.1.dr, chromecache_79.1.dr, chromecache_77.1.dr, chromecache_90.1.dr, chromecache_88.1.dr, chromecache_98.1.dr, chromecache_96.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_89.1.dr, chromecache_83.1.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Nunito&display=swap
Source: chromecache_89.1.dr, chromecache_83.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_77.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_84.1.dr	String found in binary or memory: https://github.com/es-shims/es5-shim
Source: chromecache_95.1.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_84.1.dr	String found in binary or memory: https://github.com/pusher/pusher-js/tree/cc491015371a4bde5743d1c87a0fbac0feb53195#encrypted-channel-
Source: chromecache_77.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_84.1.dr	String found in binary or memory: https://js.pusher.com
Source: chromecache_97.1.dr	String found in binary or memory: https://ka-f.fontawesome.com
Source: chromecache_97.1.dr	String found in binary or memory: https://kit.fontawesome.com
Source: chromecache_81.1.dr	String found in binary or memory: https://kit.fontawesome.com/f7165dd215.js
Source: chromecache_84.1.dr	String found in binary or memory: https://popper.js.org)
Source: chromecache_84.1.dr	String found in binary or memory: https://pusher.com
Source: chromecache_81.1.dr	String found in binary or memory: https://static.hotjar.com/c/hotjar-
Source: chromecache_81.1.dr	String found in binary or memory: https://testibb.co
Source: chromecache_75.1.dr, chromecache_81.1.dr	String found in binary or memory: https://yandex.com

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49716 version: TLS 1.2

Source: classification engine

Classification label: mal64.win@16/51@37/14

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1956,i,3591811600789709649,7482124418222594721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1956,i,3591811600789709649,7482124418222594721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	www.google.com	United States	15169	GOOGLEUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
18.239.94.35	static-cdn.hotjar.com	United States	16509	AMAZON-02US	false
104.21.234.144	cdn.lr-in.com	United States	13335	CLOUDFLARENETUS	false
143.204.9.96	vc-live-cf.hotjar.io	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.198.23.205	prod-default.lb.logrocket.network	United States	15169	GOOGLEUS	false
41.185.8.221	delivery.attempt.failure.ebbs.co.za	South Africa	36943	GridhostZA	true
13.227.219.28	script.hotjar.com	United States	16509	AMAZON-02US	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
34.201.239.212	ingress-sticky-haproxy-mt1-912d8b7308f82d6c.elb.us-east-1.amazonaws.com	United States	14618	AMAZON-AESUS	false
44.205.42.17	socket-mt1-ingress-1987402783.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false

Private

IP
192.168.2.4
192.168.2.5

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
vc-live-cf.hotjar.io	143.204.9.96	true
prod-default.lb.logrocket.network	104.198.23.205	true
socket-mt1-ingress-1987402783.us-east-1.elb.amazonaws.com	44.205.42.17	true
cdn.lr-in.com	104.21.234.144	true
delivery.attempt.failure.ebbs.co.za	41.185.8.221	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
bg.microsoft.map.fastly.net	199.232.214.172	true
script.hotjar.com	13.227.219.28	true
cdnjs.cloudflare.com	104.17.24.14	true
www.google.com	142.250.186.68	true
ingress-sticky-haproxy-mt1-912d8b7308f82d6c.elb.us-east-1.amazonaws.com	34.201.239.212	true
static-cdn.hotjar.com	18.239.94.35	true
ka-f.fontawesome.com	unknown	unknown
kit.fontawesome.com	unknown	unknown
ws-mt1.pusher.com	unknown	unknown
vc.hotjar.io	unknown	unknown
static.hotjar.com	unknown	unknown
r.lr-in.com	unknown	unknown
sockjs-mt1.pusher.com	unknown	unknown
files.killbot.org	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://delivery.attempt.failure.ebbs.co.za/public/js/session-recorder.js	true	Avira URL Cloud: phishing	unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0	false	Avira URL Cloud: safe	unknown
https://r.lr-in.com/i?a=mnnzup%2Fdus&r=5-d022c51c-95b8-4dd1-a4c8-04817972f99f&t=abfe46e2-bd74-45d7-9562-5e85b0e9b6b1&s=0&rs=0%2Cu&u=dfcfb221-b10e-4bbc-883b-38ffbd100214&is=1	false	Avira URL Cloud: safe	unknown
https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2	true	Avira URL Cloud: phishing	unknown
https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c	true	Avira URL Cloud: malware	unknown
https://cdn.lr-in.com/logger-1.min.js	false	Avira URL Cloud: safe	unknown
https://delivery.attempt.failure.ebbs.co.za/public/js/app.js	true	Avira URL Cloud: phishing	unknown
https://vc.hotjar.io/sessions/2895475?s=0.25&r=0.14830780915293795	false	Avira URL Cloud: safe	unknown
about:blank	false	Avira URL Cloud: safe	unknown
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js	false	Avira URL Cloud: safe	unknown
https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b	true	Avira URL Cloud: malware	unknown
https://delivery.attempt.failure.ebbs.co.za/favicon.ico	true	Avira URL Cloud: malware	unknown
https://delivery.attempt.failure.ebbs.co.za/images/foo.png	true	Avira URL Cloud: malware	unknown
https://delivery.attempt.failure.ebbs.co.za/public	true	Avira URL Cloud: phishing	unknown
https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1	true		unknown
https://ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false	false	Avira URL Cloud: safe	unknown
https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603	true	Avira URL Cloud: malware	unknown
https://delivery.attempt.failure.ebbs.co.za/images/all.png	true	Avira URL Cloud: malware	unknown
https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f	true	Avira URL Cloud: malware	unknown
https://sockjs-mt1.pusher.com/pusher/app/bc5ba70500b3342fb1aa/755/3vi74av1/xhr_streaming?protocol=7&client=js&version=7.0.3&t=1719960313617&n=1	false	Avira URL Cloud: safe	unknown
https://delivery.attempt.failure.ebbs.co.za/images/logo.png	true	Avira URL Cloud: phishing	unknown
https://delivery.attempt.failure.ebbs.co.za/public/	true	Avira URL Cloud: malware	unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css	false	Avira URL Cloud: safe	unknown
https://delivery.attempt.failure.ebbs.co.za/public/css/app.css	true	Avira URL Cloud: phishing	unknown
https://static.hotjar.com/c/hotjar-2895475.js?sv=6	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=n6UGn5ZkMFVkM7HffeoOtw%2F8L4E02dPg0dpuzSeGp7Gfhn%2Fafw0%2BTkGFkHa7QtfjyQBu56xc3fPEojuAW2W7MvQmy3B0QytAOSKTVCjoBoLA2mRT5dFHotzWDrn0nQBhAShsuucnKA%3D%3D	false	Avira URL Cloud: safe	unknown
https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80	true	Avira URL Cloud: malware	unknown
https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775	true	Avira URL Cloud: malware	unknown
https://delivery.attempt.failure.ebbs.co.za/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ/	true	Avira URL Cloud: phishing	unknown
https://delivery.attempt.failure.ebbs.co.za/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c	true	Avira URL Cloud: phishing	unknown
https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:44:21 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	8343296FA1E62EBAD50F6D7A99F44499	F2EE7EA4CFC124058BC46577A9ACFECDD4AF49CE	74BD887AFC5E0FE93A8EBA976BB136B14AC308534B21CA1B38B172FFB8ED3735
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:44:21 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	E02F8C5205B97A1B3CDF774398BE5940	DE052FC39A690372FABAF06F18720AC6E1FA28BC	1373CDCABF440F9F2628D0EEB29C5BC81DFC5D06072F72FE1C26FA4207A7D975
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	318FF95E50E9D43A533FF508634594CC	47E9EB78B854D2ACD3BD367158279BBE3CB7634D	CBAD6872B89A2246C7FF54B88358AC7C4879D672ABE696AB2C62F8BC10202B33
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:44:21 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	7AB4C2060B2FD9959FDEB2AB13D2C370	B6B082AE59EAF2C2FC196A00BC9FEACA8E31909A	F7B59B894952A7E62453DD794C441C7CCB4DD70A14104E1D681858F756F1BBB3
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:44:21 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	5F73EEB31BBC422DEC026908ADA674E6	163CC7387C0190A1C4FC4FF1534D762F6250972E	6952B0FAE1F62064E0E9C172AFB5CF5D6A9CF3BE22F93C0F9D2B539E3EA78941
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Jul 2 21:44:21 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	A9E754709841BEE6538540CF1A550728	4502A0E1B1EAEB302FD07CB19AD2482DA3F4CEE7	613CECCF2AF73D951097509196B4D43C1709F02A8F63D05EA29A636DFB941678
Chrome Cache Entry: 75	HTML document, ASCII text	3B00BA3C4378E980B33A8FAFEB9F1891	CA14FD0D1A906F4CFC421D30DF4A7C6330FF2B19	C31A2C04F55298FCE2EE966D82C3FF398F70B5940CE332315C338646D389EACB
Chrome Cache Entry: 76	Web Open Font Format (Version 2), TrueType, length 156388, version 773.1280	AE015E3286EF56A0DAF8E83838A32A88	7C18577FD6C4E7D9036B244215ACE3945372EEFE	41DCA0965BDFD255F85E7FC8E9A3DC1FE3EB810996C553D4EF2B8872737EE825
Chrome Cache Entry: 77	ASCII text	181990CC2279E4CEA65C9363FB37FEE9	B85A7BA40043B0C48A034D8382629EF7EC6A1E24	36839348D4CD3D5FFCB15317BC5E8F32B77C644D0C6C0F8F19BDF216CAF49293
Chrome Cache Entry: 78	Web Open Font Format (Version 2), TrueType, length 117856, version 773.1280	5674AF1AC41FE62C1B4568CBB6A031FF	83AC1707F24F448C43D0656F224A827014154C4F	0DE3EDEABE89B14F48E7856D2CB631722C600FF66839FAE178D0567902D62A91
Chrome Cache Entry: 79	ASCII text, with very long lines (27377)	940B066040A876FA1DC7B2EE2D222A58	64B2AEA0B4D60D879D4FF7540192A906FFC0FD92	F4E953827930889E844103C3A6771BD2E9DE17D091B36378C40362271858E075
Chrome Cache Entry: 80	ASCII text, with very long lines (44992)	701984B4995F3C29820E83C999B7EB23	A3B50104A3BFA05BF59A317273816C7D8AE1F81D	67AD94E12A745B1B09C6CD616E20A2AD283ED68F8060BD1DD0D9A2B6AD9DC7EE
Chrome Cache Entry: 81	HTML document, Unicode text, UTF-8 text, with very long lines (39884)	4242AF7CAE234697D655AB17057C4CFD	2658CAA787B83ACDA4F0E71BFFEAA188BCC354DE	97331D3649237949E1FE94DE7451F9BF8B4CFD103AC6EC671E54B773DF517E88
Chrome Cache Entry: 82	ASCII text, with very long lines (30837)	269550530CC127B6AA5A35925A7DE6CE	512C7D79033E3028A9BE61B540CF1A6870C896F8	799AEB25CC0373FDEE0E1B1DB7AD6C2F6A0E058DFADAA3379689F583213190BD
Chrome Cache Entry: 83	HTML document, ASCII text, with very long lines (5395)	307DCA9C775906B8DE45869CABE98FCD	2B80C3A2FD4A235B2CC9F89315A554D0721C0DD1	8437BD0EF46A19C9A7C294C53E0429B40E76EBBD5FE9FD73A9025752495DDB1C
Chrome Cache Entry: 84	Unicode text, UTF-8 text	FD900F643203761F2EECA2132FC15F1D	375F23CA9AD75B647373BDA03B02E2D0F6E729BE	399E233CEA4E5468820E5C5F98DDBB156DE729983710CF576A6508F076326C68
Chrome Cache Entry: 85	Web Open Font Format (Version 2), TrueType, length 77160, version 4.459	AF7AE505A9EED503F8B8E6982036873E	D6F48CBA7D076FB6F2FD6BA993A75B9DC1ECBF0C	2ADEFCBC041E7D18FCF2D417879DC5A09997AA64D675B7A3C4B6CE33DA13F3FE
Chrome Cache Entry: 86	ASCII text, with very long lines (27377)	940B066040A876FA1DC7B2EE2D222A58	64B2AEA0B4D60D879D4FF7540192A906FFC0FD92	F4E953827930889E844103C3A6771BD2E9DE17D091B36378C40362271858E075
Chrome Cache Entry: 87	ASCII text, with very long lines (65450)	3496BE12E0886489CBA0E4D3DAEE6686	B7E512EF0D1178A80A96E89948C6755895B153CE	619FEAC205D68F6356FCAD13D6758533011A8ACC7830E3DEB0F763249D7516C0
Chrome Cache Entry: 88	ASCII text, with very long lines (1560)	9C9F596493867F0E7EF5F9FE99103FCE	12746A89A4F6E62240231CA23C8087E6430188AC	9699B18200A9D40ED7859411C33CFA2194174A4746D466123107F888D93DC878
Chrome Cache Entry: 89	HTML document, ASCII text, with very long lines (5395)	307DCA9C775906B8DE45869CABE98FCD	2B80C3A2FD4A235B2CC9F89315A554D0721C0DD1	8437BD0EF46A19C9A7C294C53E0429B40E76EBBD5FE9FD73A9025752495DDB1C
Chrome Cache Entry: 90	ASCII text, with very long lines (608)	A3D53E21A02E37AF6CBC00AC63B3CC1E	E4F2269BAE4B37CCBA5282A154724A3B91720ACA	E1DC27B700A62C005E4521B670CAC08FB0B4B3E02A73C1AC44E7F9A9784BD672
Chrome Cache Entry: 91	ASCII text, with no line terminators	46DF3E5E2D15256CA16616EBFDA5427F	BE8F9B307E458075DA0D43585A05F1D451469182	AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
Chrome Cache Entry: 92	ASCII text, with very long lines (1560)	9C9F596493867F0E7EF5F9FE99103FCE	12746A89A4F6E62240231CA23C8087E6430188AC	9699B18200A9D40ED7859411C33CFA2194174A4746D466123107F888D93DC878
Chrome Cache Entry: 93	ASCII text, with no line terminators	BDF1FEE1577DFA825CBFD8992B5FBFA5	B577391480F9053E86BCAEAA01332575F807113E	2A33E401EAC9AB1C076FBFB2BC1FC18F3018DF9875567F70CA57C1AB10B72E37
Chrome Cache Entry: 94	ASCII text, with very long lines (7840)	8FBE0BDA6E7981B83FC4B43D32DA9445	1A62A6432EC131B96B70A1CCE57A323CA66214AC	E864495AE7A29D30D7002EC51057D674D75EF73E6885AAFB36E613DE547B217F
Chrome Cache Entry: 95	ASCII text, with very long lines (65536), with no line terminators	508D45819C068510706DD9DF94EAB989	1FCB33C903FB9F193DD5F7DBFE434A6AEC234AD1	4CEE38DD7698ADAD620D86DCBF7516EF9DDDEF6149458AAD4ADA316F3FE785F3
Chrome Cache Entry: 96	ASCII text, with very long lines (65321)	7F29CD8C97789AA298AF8C61623CA28B	AF8109E0E5C8BB2C1C3AB44BA7B5D25900CA454A	3E9C73FA687CD4110688668977A7CAA87F5A1DEE0D11F03687BD4871DEEDF1C1
Chrome Cache Entry: 97	ASCII text, with very long lines (11461)	ADB0E6067A6CA73E99C1245C2EDFC480	11CDC9EE8858343F213AC041A64DF0636A10B985	9A653BB277CAB3AF282B44B2C6279AAAF368BB2C09977EAC06F93572D70035C3
Chrome Cache Entry: 98	ASCII text, with very long lines (608)	A3D53E21A02E37AF6CBC00AC63B3CC1E	E4F2269BAE4B37CCBA5282A154724A3B91720ACA	E1DC27B700A62C005E4521B670CAC08FB0B4B3E02A73C1AC44E7F9A9784BD672

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1	Avira URL Cloud: detection malicious, Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1	SlashNext: detection malicious, Label: Fraudulent Website type: Phishing & Social Engineering

Antivirus detection for URL or domain

Source: https://delivery.attempt.failure.ebbs.co.za/public/js/session-recorder.js	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/public/js/app.js	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/favicon.ico	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/images/foo.png	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/public	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/images/all.png	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/images/logo.png	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/public/css/app.css	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/public/	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ/	Avira URL Cloud: Label: phishing
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80	Avira URL Cloud: Label: malware
Source: https://delivery.attempt.failure.ebbs.co.za/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c	Avira URL Cloud: Label: phishing

HTML body contains low number of good links

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: Number of links: 0

Invalid T&C link found

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Help and support
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Help and support
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Help and support
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Terms and conditions
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Terms and conditions
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: privacy Notice
Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ	HTTP Parser: Invalid link: Legal notice

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: No favicon

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: No <meta name="author".. found

Source: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ

HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49716 version: TLS 1.2

Networking

Snort IDS alert for network traffic

Source: Traffic

Snort IDS: 2014545 ET CURRENT_EVENTS TDS Sutra - page redirecting to a SutraTDS 41.185.8.221:443 -> 192.168.2.5:49717

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkRTMmJyQ1ZvNzVyblRnL3R3UHgyY0E9PSIsInZhbHVlIjoiclhMV0JUUVd6S0FvOExGOFA5ZTlLTThvUENMQXZZdlUvaDdDRHhITDNWWVBBU0VNaXdLWmgxSFEwWHovZHRUZVhLV0o3K2UvRCt0M2lXZEkyY0J0cFMxNEY5NVk2bXZPdmhwN1NLWUlrWFFEYzVyb2tneE9ReWZQd1dNS3hKMmoiLCJtYWMiOiJhOGI5Y2RiODY1MzMzNDU5NDBhMDIxY2U4N2Y4MjFlN2VjNDNkMzRlMGExNDUzNTM1ZWUzYzM5NWU3NmI1YzAyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Imtwb2NIbEhQTU9sU0I5Um1PRCtHT1E9PSIsInZhbHVlIjoiaVArQjJYdGFKWUg3akp4cFFxbFdmZS9SeVZ3cnhkOHpGSXJsRm1nbkFMQUhPaVJwTVB3eEpONFlVL2h5VGxaRm1XYUVjTVVJWTBXT3dRdWJjejlKbUYwa0V2YlhRK20xWmtHUC91VkRQZDVvMmlKQWJtcjJDRWN6S1FFcm94UzkiLCJtYWMiOiIwZDRiZjgzNTg0Mzc5ZDUzZDRiODBkZWJiYTZlNmNlZjgwNDQyYzViZTI5MjRiYjg2MzA1NDkwOWM0ZjIwM2YxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/ HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IkRTMmJyQ1ZvNzVyblRnL3R3UHgyY0E9PSIsInZhbHVlIjoiclhMV0JUUVd6S0FvOExGOFA5ZTlLTThvUENMQXZZdlUvaDdDRHhITDNWWVBBU0VNaXdLWmgxSFEwWHovZHRUZVhLV0o3K2UvRCt0M2lXZEkyY0J0cFMxNEY5NVk2bXZPdmhwN1NLWUlrWFFEYzVyb2tneE9ReWZQd1dNS3hKMmoiLCJtYWMiOiJhOGI5Y2RiODY1MzMzNDU5NDBhMDIxY2U4N2Y4MjFlN2VjNDNkMzRlMGExNDUzNTM1ZWUzYzM5NWU3NmI1YzAyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Imtwb2NIbEhQTU9sU0I5Um1PRCtHT1E9PSIsInZhbHVlIjoiaVArQjJYdGFKWUg3akp4cFFxbFdmZS9SeVZ3cnhkOHpGSXJsRm1nbkFMQUhPaVJwTVB3eEpONFlVL2h5VGxaRm1XYUVjTVVJWTBXT3dRdWJjejlKbUYwa0V2YlhRK20xWmtHUC91VkRQZDVvMmlKQWJtcjJDRWN6S1FFcm94UzkiLCJtYWMiOiIwZDRiZjgzNTg0Mzc5ZDUzZDRiODBkZWJiYTZlNmNlZjgwNDQyYzViZTI5MjRiYjg2MzA1NDkwOWM0ZjIwM2YxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ/ HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://delivery.attempt.failure.ebbs.co.za/public/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ilp6b0RzakR5N2o1TlE3czFtWGk1L3c9PSIsInZhbHVlIjoiTWlYM1EvZE9uakloRXhIRG95eW5CRm5sdmREVU91elpjTnFFNjdxQUlZUnF4K2ZMUjdCSHVQOVF4SXlxT0FGaHpCK2hMNlNCcHlIM2pYbko4M2JqOFljUyszMmRsRTVvK0ZuK0hXYzZqZG9GTmozYndRNlhGNmJUTndxai9VdDkiLCJtYWMiOiI5ZDM3M2I0MjM3MDg5OGE0OTg0NjlmYzdiZjk5OTRkMjU2NGZhN2MwMDJhMjkxNGM5NzlhYmQ2YWEzZjljOTY5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImFPRHhtYzduU3pIa3JuQ3VTQ3BLUFE9PSIsInZhbHVlIjoibXdhK1ZyejJkZlBCVnpmNE42OXJZK1VYY1lrelpXdUQ2cVRWWWExeC9nOWYyaEVOekRQdDhvaWRPOU1hdTBVVC9XUUFNVXQ2c0VIeGg5QkVoSlZzYVJBSmxpUlpvNTRiYWpWOEpKVHU0WkY2VnBtWG9ldHdjMC9BZWg2cjhaMFEiLCJtYWMiOiIxYjM4MjFkZmE5NWZhYjM5ZjA0ZTM2OThkNDZkYjk5N2UxMzI3YmE2N2IxYzI5ZDk2MjRiOTZiMWZmYTcyYTFjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJ HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://delivery.attempt.failure.ebbs.co.za/public/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ilp6b0RzakR5N2o1TlE3czFtWGk1L3c9PSIsInZhbHVlIjoiTWlYM1EvZE9uakloRXhIRG95eW5CRm5sdmREVU91elpjTnFFNjdxQUlZUnF4K2ZMUjdCSHVQOVF4SXlxT0FGaHpCK2hMNlNCcHlIM2pYbko4M2JqOFljUyszMmRsRTVvK0ZuK0hXYzZqZG9GTmozYndRNlhGNmJUTndxai9VdDkiLCJtYWMiOiI5ZDM3M2I0MjM3MDg5OGE0OTg0NjlmYzdiZjk5OTRkMjU2NGZhN2MwMDJhMjkxNGM5NzlhYmQ2YWEzZjljOTY5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImFPRHhtYzduU3pIa3JuQ3VTQ3BLUFE9PSIsInZhbHVlIjoibXdhK1ZyejJkZlBCVnpmNE42OXJZK1VYY1lrelpXdUQ2cVRWWWExeC9nOWYyaEVOekRQdDhvaWRPOU1hdTBVVC9XUUFNVXQ2c0VIeGg5QkVoSlZzYVJBSmxpUlpvNTRiYWpWOEpKVHU0WkY2VnBtWG9ldHdjMC9BZWg2cjhaMFEiLCJtYWMiOiIxYjM4MjFkZmE5NWZhYjM5ZjA0ZTM2OThkNDZkYjk5N2UxMzI3YmE2N2IxYzI5ZDk2MjRiOTZiMWZmYTcyYTFjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /public/css/app.css HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /images/logo.png HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /images/all.png HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /logger-1.min.js HTTP/1.1Host: cdn.lr-in.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/foo.png HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/js/app.js HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/js/session-recorder.js HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c/hotjar-2895475.js?sv=6 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /modules.e4b2dc39f985f11fb1e4.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1Host: ws-mt1.pusher.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://delivery.attempt.failure.ebbs.co.zaSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: Wkd4dtqgPdzjmhDbhGPzcQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29
Source: global traffic	HTTP traffic detected: GET /sessions/2895475?s=0.25&r=0.14830780915293795 HTTP/1.1Host: vc.hotjar.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://delivery.attempt.failure.ebbs.co.zaSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://delivery.attempt.failure.ebbs.co.za/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://delivery.attempt.failure.ebbs.co.zasec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://delivery.attempt.failure.ebbs.co.za/public/css/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://delivery.attempt.failure.ebbs.co.za/public/JvUbxDhm9qZNMbdmVQYAGfBj2dFZwKmJAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: delivery.attempt.failure.ebbs.co.zaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImQxdXFmTm1CeDBXZzFmZnZzRzRueGc9PSIsInZhbHVlIjoiUUJkay9YcTZwZ28zRFoyQkh1MGpubnMwVjJOUnZHc1Q1TzZ4OXhwOHc3RTNpbUJGeWw5UldpVE1xdHl1MTFrcENWQ2VkaFR4S1VwU1JzNkJmOTl3NkF0QlZLLzRwZGE1MWxXY1BGdlNLOFlOYmt5Q0tETFVzU3NscEU2NWRWYnMiLCJtYWMiOiI2OTZjNThmYzNmZDY4OGVlMWQ4YjQwNjc4ZDdlMzYxMGRlODU3Mjc2OWQ1YTY1YjMyNmZhZmNkN2UxNGExZjNhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlhnRzJGcHdnTzZRWWdzRncyTEloWXc9PSIsInZhbHVlIjoiRG1zd0Z5djMxb2kzY0MrbHJXSU9TSUMvWmJ1YlFrdk84K0V6TGhDY3pUb3oySHg4N0d0YWFvWXBmUjdQSHBvVGR6OU1Jd3YrU2NWY1R1bXplRS8xaGhJd0lWazZMZ0ZOdE9vUHlJRmdnNEdLcHJUdVNWVFJlV3BaQUJFRzlqMTIiLCJtYWMiOiI5ZjlhOTUzYzViNTcyZTMwYWNlYmUwNTNkMzJiNmMzYTI2ZTUxYzI5MjRkMjAzNWYxNDgyNjBhZTcxNjcyMDQ2IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-d022c51c-95b8-4dd1-a4c8-04817972f99f%22%2C%22webViewID%22:null%2C%22lastActivity%22:1719960311531}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1719960311535}; _lr_uf_-mnnzup=901e6b2b-ae9a-4087-920b-85b5d7bd2b29; _hjSessionUser_2895475=eyJpZCI6IjBmZDE5YmZiLWQzZWItNTM0OC1hNWUwLTE2ZjI0M2Q0ODg2MCIsImNyZWF0ZWQiOjE3MTk5NjAzMTM2OTIsImV4aXN0aW5nIjp0cnVlfQ==; _hjSession_2895475=eyJpZCI6IjFhNzgwYzNhLWUyMTktNGU3MC1iYWJhLWI0YzkwOTk3ZTdlNSIsImMiOjE3MTk5NjAzMTM2OTMsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

Source: global traffic	DNS traffic detected: DNS query: delivery.attempt.failure.ebbs.co.za
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: files.killbot.org
Source: global traffic	DNS traffic detected: DNS query: kit.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ka-f.fontawesome.com
Source: global traffic	DNS traffic detected: DNS query: cdn.lr-in.com
Source: global traffic	DNS traffic detected: DNS query: static.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: ws-mt1.pusher.com
Source: global traffic	DNS traffic detected: DNS query: script.hotjar.com
Source: global traffic	DNS traffic detected: DNS query: sockjs-mt1.pusher.com
Source: global traffic	DNS traffic detected: DNS query: vc.hotjar.io
Source: global traffic	DNS traffic detected: DNS query: r.lr-in.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:10 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:15 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:17 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:18 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:18 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 02 Jul 2024 22:45:20 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeX-Powered-By: PHP/8.0.30Cache-Control: no-cache, private

Source: chromecache_82.1.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_82.1.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_84.1.dr	String found in binary or memory: http://js.pusher.com
Source: chromecache_81.1.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Source: chromecache_81.1.dr	String found in binary or memory: https://delivery.attempt.failure.ebbs.co.za/public/css/app.css
Source: chromecache_81.1.dr	String found in binary or memory: https://delivery.attempt.failure.ebbs.co.za/public/js/app.js
Source: chromecache_81.1.dr	String found in binary or memory: https://delivery.attempt.failure.ebbs.co.za/public/js/session-recorder.js
Source: chromecache_75.1.dr, chromecache_81.1.dr	String found in binary or memory: https://files.killbot.org/.cdn-cgi/killbot-security.js
Source: chromecache_92.1.dr, chromecache_86.1.dr, chromecache_79.1.dr, chromecache_77.1.dr, chromecache_90.1.dr, chromecache_88.1.dr, chromecache_98.1.dr, chromecache_96.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_92.1.dr, chromecache_86.1.dr, chromecache_79.1.dr, chromecache_77.1.dr, chromecache_90.1.dr, chromecache_88.1.dr, chromecache_98.1.dr, chromecache_96.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_89.1.dr, chromecache_83.1.dr	String found in binary or memory: https://fonts.googleapis.com/css2?family=Nunito&display=swap
Source: chromecache_89.1.dr, chromecache_83.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: chromecache_77.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_84.1.dr	String found in binary or memory: https://github.com/es-shims/es5-shim
Source: chromecache_95.1.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_84.1.dr	String found in binary or memory: https://github.com/pusher/pusher-js/tree/cc491015371a4bde5743d1c87a0fbac0feb53195#encrypted-channel-
Source: chromecache_77.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_84.1.dr	String found in binary or memory: https://js.pusher.com
Source: chromecache_97.1.dr	String found in binary or memory: https://ka-f.fontawesome.com
Source: chromecache_97.1.dr	String found in binary or memory: https://kit.fontawesome.com
Source: chromecache_81.1.dr	String found in binary or memory: https://kit.fontawesome.com/f7165dd215.js
Source: chromecache_84.1.dr	String found in binary or memory: https://popper.js.org)
Source: chromecache_84.1.dr	String found in binary or memory: https://pusher.com
Source: chromecache_81.1.dr	String found in binary or memory: https://static.hotjar.com/c/hotjar-
Source: chromecache_81.1.dr	String found in binary or memory: https://testibb.co
Source: chromecache_75.1.dr, chromecache_81.1.dr	String found in binary or memory: https://yandex.com

Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49716 version: TLS 1.2

Source: classification engine

Classification label: mal64.win@16/51@37/14

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1956,i,3591811600789709649,7482124418222594721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2076 --field-trial-handle=1956,i,3591811600789709649,7482124418222594721,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Confirm

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1466501
Product:	CloudBasic
Start time:	00:43:32
Start date:	03.07.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://delivery.attempt.failure.ebbs.co.za/public/MY096OineFzTCVJ56qDw3aMDByE0CDQ1