Windows Analysis Report
http://aselog24x7.cl/

Overview

General Information

Sample URL:	http://aselog24x7.cl/
Analysis ID:	1579124
Infos:

Detection

HTMLPhisher

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Suricata IDS alerts for network traffic

Yara detected HtmlPhish54

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

Yara detected HtmlPhish54

Source: Yara match	File source: 0.19.id.script.csv, type: HTML
Source: Yara match	File source: 0.31.id.script.csv, type: HTML
Source: Yara match	File source: 2.3.pages.csv, type: HTML
Source: Yara match	File source: 3.7.pages.csv, type: HTML
Source: Yara match	File source: 3.6.pages.csv, type: HTML
Source: Yara match	File source: 3.9.pages.csv, type: HTML

HTML body contains low number of good links

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://bia.twuseb.us/?N4JV=9Xdg

HTTP Parser: Base64 decoded: a[href="http://www.salidzini.lv/"][style="display: block; width: 120px; height: 40px; overflow: hidden; position: relative;"]

HTML title does not match URL

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true

HTTP Parser: Title: Sign in to your account does not match URL

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: Iframe src: https://65f66297-4db8a1b1.twuseb.us/Prefetch/Prefetch.aspx
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: Iframe src: https://65f66297-4db8a1b1.twuseb.us/Prefetch/Prefetch.aspx

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true

HTTP Parser: <input type="password" .../> found

Source: https://bia.twuseb.us/?N4JV=9Xdg	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="author".. found

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49845 version: TLS 1.2

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2857090 - Severity 1 - ETPRO PHISHING JS/PsyduckPockeball Payload Inbound : 173.255.223.22:443 -> 192.168.2.16:49756

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200

Source: global traffic	HTTP traffic detected: GET /share/11450334/ots3f4w6xehf2feb09wy HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/index.css?v=9.26.11-73fecd7b HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /tasks-bundle.20241017.css HTTP/1.1Host: d3hogio4d1txum.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tasks-bundle.20241017.js HTTP/1.1Host: d3hogio4d1txum.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/common.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/vendor/webcomponents-bundle.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/assets/loader-32.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/hammer.min.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/vendor/webcomponents-bundle.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/common.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/index.js?v=9.26.11-73fecd7b HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/hammer.min.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/assets/loader-32.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /tasks-bundle.20241017.js HTTP/1.1Host: d3hogio4d1txum.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/f/6d82fd0d97bd44e9484816a35c937ef9.woff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://premiumgain.nimbusweb.mesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/f/12365dee78645ac21eaec216a048746c.woff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://premiumgain.nimbusweb.mesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/i/fb0c3c85d07caa53ebf54b3a58b8d30e.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/i/fb0c3c85d07caa53ebf54b3a58b8d30e.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/index.js?v=9.26.11-73fecd7b HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /gtag/js?id=G-7ZKFB3S0PN HTTP/1.1Host: stt.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /gtlytics.js?id=GTM-WHFRJTP HTTP/1.1Host: stt.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/f/80df5da08b99c807a5c6f7ae308e1f89.woff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://premiumgain.nimbusweb.mesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /share/share-api/profile/me HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /share/share-api/org HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /gwapi2/ft%3Atasks/shares/11450334?securityKey=ots3f4w6xehf2feb09wy&nodeId=1Hy4Ofi612giTUWL HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /everhelper-session-id: 0aeluCRDhaSe3iOk6CLLWJc3QWTxiSegx-session-id: 0aeluCRDhaSe3iOk6CLLWJc3QWTxiSegsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /share/share-api/profile/me HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /gtag/js?id=G-7ZKFB3S0PN HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /gtlytics.js?id=GTM-WHFRJTP HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /?N4JV=9Xdg HTTP/1.1Host: bia.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /user-marketing-info/ HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /share/share-api/org HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /share/share-api/mentionDiff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /gwapi2/ft%3Atasks/shares/11450334?securityKey=ots3f4w6xehf2feb09wy&nodeId=1Hy4Ofi612giTUWL HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /timing/share_page_load HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /timing/share_page_note_title HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /timing/share_page_load_content HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /static/assets/a6794726fa7eda006545.vendors.fs_web.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /g/collect?v=2&tid=G-7ZKFB3S0PN&gtm=45he4cc1v888117676za204&_p=1734727272303&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=668868513.1734727275&ul=en-us&sr=1280x1024&_fplc=0&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1734727275&sct=1&seg=0&dl=https%3A%2F%2Fpremiumgain.nimbusweb.me%2Fshare%2F11450334%2Fots3f4w6xehf2feb09wy&dt=BIA%20-%20FuseBase&en=page_view&_fv=2&_nsi=1&_ss=2&_ee=1&ep.link_attribution=true&tfd=35607 HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; FPLC=CzKSzqQy8hthiKGfX9kh3Qm5jvKQyLXPpwczJkBvHZL2IFiLPCE07SxKv0skLHRPm5xVIxl2NKa0EHNob3he14gREELtxCoW8qKtG26xpkrCkFsf%2F%2FrtHBtr0LAUmg%3D%3D
Source: global traffic	HTTP traffic detected: GET /timing/share_init_editor_dump HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.js HTTP/1.1Host: l.getsitecontrol.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?N4JV=9Xdg HTTP/1.1Host: bia.twuseb.usConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://bia.twuseb.us/?N4JV=9XdgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /static/assets/a6794726fa7eda006545.vendors.fs_web.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; FPLC=ofO4FpcDezG1dl58MDyuADvT%2FeF%2BxQJfTq%2FKO0asR468Pbu9M2rPdIFsxabs1HJqjbHu2g1tje7h%2BxZ3Iq6ZaCPqyytMxuMr7WfyOevZmYNWs34R4GipsUxwu9xXpg%3D%3D
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.json HTTP/1.1Host: l.getsitecontrol.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://premiumgain.nimbusweb.meSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.js HTTP/1.1Host: l.getsitecontrol.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g/collect?v=2&tid=G-7ZKFB3S0PN&gtm=45he4cc1v888117676za204&_p=1734727272303&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=668868513.1734727275&ul=en-us&sr=1280x1024&_fplc=0&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1734727275&sct=1&seg=0&dl=https%3A%2F%2Fpremiumgain.nimbusweb.me%2Fshare%2F11450334%2Fots3f4w6xehf2feb09wy&dt=BIA%20-%20FuseBase&en=scroll&ep.link_attribution=true&epn.percent_scrolled=90&tfd=41138 HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; _ga_7G2K66TV09=GS1.1.1734727280.1.0.1734727280.0.0.0; FPLC=Llrk4KxLhgn6iMHXHj1jgO25v2PrgXpd%2BOKot1VpK5i61QzTXF1G%2FM6srP0tcqUBseu0Ux%2BlT3zQh5lyiXj%2Byz30td4%2BDvxGkWrauBmaxRnfb3pscOmm0c%2FqHxKWCQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.json HTTP/1.1Host: l.getsitecontrol.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /widgets/es6/runtime.0e5d0b4.js HTTP/1.1Host: s2.getsitecontrol.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /widgets/es6/runtime.0e5d0b4.js HTTP/1.1Host: s2.getsitecontrol.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/i/ff6a823eabd85e67c626d007c2830bd5.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; _ga_7G2K66TV09=GS1.1.1734727280.1.0.1734727280.0.0.0; _gid=GA1.2.1161705959.1734727283; _ga_L1W7VLTSPG=GS1.1.1734727283.1.0.1734727283.60.0.0; _ga=GA1.1.668868513.1734727275; FPLC=PjNtgvbTHK3i1VawWzxllJ%2BJvx8%2BcjF7eIPtAfv8tBBqvAhYnT1aq1CBvAgVFV01OqVJM4oa896p2EM3TF9O1MNE0h1WrmKcgi21Zi5M9fdRDyu8tx60BOy%2Friyb0A%3D%3D; _gat_gtag_UA_67774717_30=1
Source: global traffic	HTTP traffic detected: GET /api/v1/events HTTP/1.1Host: events.getsitectrl.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://premiumgain.nimbusweb.meSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1/events HTTP/1.1Host: events.getsitectrl.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/i/ff6a823eabd85e67c626d007c2830bd5.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; _ga_7G2K66TV09=GS1.1.1734727280.1.0.1734727280.0.0.0; _gid=GA1.2.1161705959.1734727283; _ga_L1W7VLTSPG=GS1.1.1734727283.1.0.1734727283.60.0.0; _ga=GA1.1.668868513.1734727275; FPLC=PjNtgvbTHK3i1VawWzxllJ%2BJvx8%2BcjF7eIPtAfv8tBBqvAhYnT1aq1CBvAgVFV01OqVJM4oa896p2EM3TF9O1MNE0h1WrmKcgi21Zi5M9fdRDyu8tx60BOy%2Friyb0A%3D%3D; _gat_gtag_UA_67774717_30=1
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="Sec-WebSocket-Key: MZfvBxULkoIKaUhHu/fOsg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /?N4JV=9Xdg&sso_reload=true HTTP/1.1Host: bia.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://bia.twuseb.us/?N4JV=9XdgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: bia.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/?N4JV=9XdgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: l1ve.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1Sec-WebSocket-Key: r9J3E6jPAnb6jxF+CcxghA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: 65f66297-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0Sec-WebSocket-Key: cAZ/tOIcHUdSaCoYmQ6BVw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0Sec-WebSocket-Key: nnpRm2xDqj1058vXNIWiJQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0Sec-WebSocket-Key: c3bxaGAo3ZpwjgoxjuhwvA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215Sec-WebSocket-Key: ottNOxXA4WjBOXYig0qkfQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215; MC1="GUID=9ae7e430ddba4fd2a76a154022601377&HASH=9ae7&LV=202412&V=4&LU=1734727334363"; MS0=e745c479dbd84b89bc76b764dc774762Sec-WebSocket-Key: WRZQRniN5aWTQvhQAU1MxQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215; MC1="GUID=9ae7e430ddba4fd2a76a154022601377&HASH=9ae7&LV=202412&V=4&LU=1734727334363"; MS0=e745c479dbd84b89bc76b764dc774762Sec-WebSocket-Key: LBvHrgrPMEDrsVViTyn18A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215; MC1="GUID=9ae7e430ddba4fd2a76a154022601377&HASH=9ae7&LV=202412&V=4&LU=1734727334363"; MS0=e745c479dbd84b89bc76b764dc774762Sec-WebSocket-Key: xLtPEFBw0wYQKYml9azgig==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: aselog24x7.clConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_185.1.dr	String found in binary or memory: M.getElementsByTagName("iframe"),oa=Q.length,na=0;na<oa;na++)if(!v&&c(Q[na],H.Xe)){UK("https://www.youtube.com/iframe_api");v=!0;break}})}}else G(t.vtp_gtmOnSuccess)}var q=["www.youtube.com","www.youtube-nocookie.com"],r={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},u,v=!1;X.__ytl=n;X.__ytl.o="ytl";X.__ytl.isVendorTemplate=!0;X.__ytl.priorityOverride=0;X.__ytl.isInfrastructure=!1; equals www.youtube.com (Youtube)
Source: chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_185.1.dr	String found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},Ik:function(){e=nb()},Gd:function(){d()}}};var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: did"](19,49152,null,0,u.ButtonComponent,[],{icon:[0,"icon"]},null)],(function(e,t){var n=t.component;e(t,5,0,n.shareUrl,n.share);e(t,10,0,"embed");e(t,13,0,"fb");e(t,16,0,"twitter");e(t,19,0,"reddit")}),(function(e,t){var n=t.component;e(t,11,0,"https://www.facebook.com/sharer/sharer.php?u="+n.shareUrl),e(t,14,0,"https://twitter.com/intent/tweet?&url="+n.shareUrl),e(t,17,0,"http://www.reddit.com/submit?url="+n.shareUrl)}))}function g(e){return r[" equals www.facebook.com (Facebook)
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: did"](19,49152,null,0,u.ButtonComponent,[],{icon:[0,"icon"]},null)],(function(e,t){var n=t.component;e(t,5,0,n.shareUrl,n.share);e(t,10,0,"embed");e(t,13,0,"fb");e(t,16,0,"twitter");e(t,19,0,"reddit")}),(function(e,t){var n=t.component;e(t,11,0,"https://www.facebook.com/sharer/sharer.php?u="+n.shareUrl),e(t,14,0,"https://twitter.com/intent/tweet?&url="+n.shareUrl),e(t,17,0,"http://www.reddit.com/submit?url="+n.shareUrl)}))}function g(e){return r[" equals www.twitter.com (Twitter)
Source: chromecache_135.1.dr, chromecache_141.1.dr, chromecache_140.1.dr, chromecache_200.1.dr	String found in binary or memory: if(!(e\|\|f\|\|g\|\|k.length\|\|m.length))return;var p={Hh:e,Fh:f,Gh:g,mi:k,ni:m,Xe:n,Jb:b},q=A.YT;if(q)return q.ready&&q.ready(d),b;var r=A.onYouTubeIframeAPIReady;A.onYouTubeIframeAPIReady=function(){r&&r();d()};G(function(){for(var u=E.getElementsByTagName("script"),v=u.length,t=0;t<v;t++){var w=u[t].getAttribute("src");if(hE(w,"iframe_api")\|\|hE(w,"player_api"))return b}for(var x=E.getElementsByTagName("iframe"),y=x.length,B=0;B<y;B++)if(!ZD&&fE(x[B],p.Xe))return lc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_183.1.dr, chromecache_148.1.dr	String found in binary or memory: return b}VD.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: chromecache_170.1.dr, chromecache_185.1.dr	String found in binary or memory: var jD=function(a,b,c,d,e){var f=aB("fsl",c?"nv.mwt":"mwt",0),g;g=c?aB("fsl","nv.ids",[]):aB("fsl","ids",[]);if(!g.length)return!0;var k=fB(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);T(121);if(m==="https://www.facebook.com/tr/")return T(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!Mz(k,Oz(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: aselog24x7.cl
Source: global traffic	DNS traffic detected: DNS query: premiumgain.nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: d3hogio4d1txum.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: metric.nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: stt.nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: bia.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: l.getsitecontrol.com
Source: global traffic	DNS traffic detected: DNS query: s2.getsitecontrol.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: 8adbfcfb-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: events.getsitectrl.com
Source: global traffic	DNS traffic detected: DNS query: 8e1d6ffe-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: 87e039e4-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: l1ve.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: 65f66297-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: 1b9f8d12-4db8a1b1.twuseb.us

Source: unknown

HTTP traffic detected: POST /timing/share_page_load HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveContent-Length: 10sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/x-www-form-urlencodedAccept: */*Origin: https://premiumgain.nimbusweb.meSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 899dbb4f-8b35-40a3-afc3-76a4431be800x-ms-ests-server: 2.1.19683.3 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 7e8beaf7-7dfc-49c7-aaf2-1f973a74eb01x-ms-ests-server: 2.1.19683.3 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:45 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: be9d2c48-002e-4abd-9001-b58fcaa62d00x-ms-ests-server: 2.1.19683.6 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:48 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: no-store, no-cachex-ms-correlation-id: b73b7cb2-ac9e-4b7b-a5e6-37fb55726b8dx-ua-compatible: IE=Edgex-cache: CONFIG_NOCACHEx-msedge-ref: Ref A: E93AACCA80E644FE92C2ED10E4E16139 Ref B: BY3EDGE0120 Ref C: 2024-12-20T20:41:48Zaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:51 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: ba64c6b0-3f19-4e2e-ac50-dc5c25cf3c00x-ms-ests-server: 2.1.19683.6 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:00 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 85fb312d-720b-4835-b5dd-fabaa9f12e00x-ms-ests-server: 2.1.19683.6 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:10 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: b824d423-6a79-442f-bb10-f153e79a3d00x-ms-ests-server: 2.1.19683.6 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:23 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 2b4afc0a-24c3-425c-b33a-95d264133400x-ms-ests-server: 2.1.19683.6 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:38 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: e4290cf3-b6c0-4ef0-addd-0139f3ce2700x-ms-ests-server: 2.1.19683.6 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:

Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: http://bit.ly/2sd4HMP
Source: chromecache_190.1.dr	String found in binary or memory: http://g.co/ng/security#xss)
Source: chromecache_138.1.dr, chromecache_163.1.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_190.1.dr	String found in binary or memory: http://nimb.ws/EkX87M
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/AUTHORS.txt
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/LICENSE.txt
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/PATENTS.txt
Source: chromecache_190.1.dr	String found in binary or memory: https://...
Source: chromecache_185.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://angular.io/api/common/NgForOf#change-propagation
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://angular.io/api/core/Component#animations).
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://angular.io/errors/NG0$
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_183.1.dr, chromecache_148.1.dr, chromecache_185.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_172.1.dr, chromecache_167.1.dr	String found in binary or memory: https://d3hogio4d1txum.cloudfront.net/tasks-bundle.20241017.css
Source: chromecache_172.1.dr, chromecache_167.1.dr	String found in binary or memory: https://d3hogio4d1txum.cloudfront.net/tasks-bundle.20241017.js
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://d3jlxgnskmmqem.cloudfront.net/diamond-animation/animation-blue.json
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://d3jlxgnskmmqem.cloudfront.net/diamond-animation/animation-yellow.json
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://events.getsitectrl.com/api/v1/events
Source: chromecache_157.1.dr	String found in binary or memory: https://fengyuanchen.github.io/viewerjs
Source: chromecache_132.1.dr	String found in binary or memory: https://g.co/ng/security#xss)
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://goo.gl/X2J8zc.
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://goo.gl/wIDDiL
Source: chromecache_185.1.dr	String found in binary or memory: https://google.com
Source: chromecache_185.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_153.1.dr, chromecache_188.1.dr	String found in binary or memory: https://l.getsitecontrol.com/m42xj3qw.json
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://m2.getsitecontrol.com/images/45937/16a24fa610de8063461479d5c7326693_235751283.png
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://m2.getsitecontrol.com/images/45937/92b6dc2dfd1666d858aca7e557de7c36_234815107.png
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://material.angular.io/guide/theming
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://media.springernature.com/full/springer-cms/rest/v1/img/18893370/v1/height/700
Source: chromecache_172.1.dr	String found in binary or memory: https://metric.nimbusweb.me
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://mths.be/he
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://ngrx.io/guide/store/configuration/runtime-checks
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.co/contact.php
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/auth/openidconnect.php?provider=
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/client/
Source: chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/contact-us.php
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/pricing.php
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/pricing.php?ws_banner=dunningType_past_due_invoice_day14B2B
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/pricing.php?ws_banner=dunningType_past_due_invoice_day14B2C
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/4246032/x9umr2emrgvf4xxa45vy
Source: chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/5441210/4qccr41slk6wsw61h5fb
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/5441213/cwwryo2477pssn2sgkww
Source: chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/5607239/l55bgak2ivs9bfptruka#b1995924032_670
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/screenshot/
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/share/
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/share/dist/common.js?v=9.26.11
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/share/dist/vendor/webcomponents-bundle.js?v=9.26.11
Source: chromecache_172.1.dr, chromecache_199.1.dr, chromecache_161.1.dr, chromecache_119.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/terms-and-conditions.php
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day0
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day3
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day5
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day7
Source: chromecache_185.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_183.1.dr, chromecache_148.1.dr, chromecache_185.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_124.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_167.1.dr	String found in binary or memory: https://premiumgain.nimbusweb.me
Source: chromecache_167.1.dr	String found in binary or memory: https://premiumgain.nimbusweb.me/share/dist/i/b8f7709850a83dcde71fd51d51ef3f59.png
Source: chromecache_167.1.dr	String found in binary or memory: https://premiumgain.nimbusweb.me/share/dist/i/ff6a823eabd85e67c626d007c2830bd5.png
Source: chromecache_155.1.dr	String found in binary or memory: https://s2.getsitecontrol.com/widgets/es6/runtime.0e5d0b4.js
Source: chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_148.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_156.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://support.nimbusweb.co/portal/en/newticket
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_183.1.dr, chromecache_148.1.dr, chromecache_185.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_172.1.dr	String found in binary or memory: https://teams.nimbusweb.me
Source: chromecache_172.1.dr	String found in binary or memory: https://text.nimbusweb.me
Source: chromecache_191.1.dr, chromecache_170.1.dr, chromecache_183.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_185.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_172.1.dr, chromecache_167.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_171.1.dr, chromecache_175.1.dr, chromecache_166.1.dr, chromecache_124.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_185.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_185.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_135.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_135.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_171.1.dr, chromecache_166.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Source: chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_148.1.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49845 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@19/134@60/19

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1964,i,5279644903293289592,10840831433166987168,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://aselog24x7.cl/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1964,i,5279644903293289592,10840831433166987168,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
3.160.185.95	d3hogio4d1txum.cloudfront.net	United States	16509	AMAZON-02US	false
200.63.97.50	aselog24x7.cl	Chile	265831	SOCCOMERCIALWIRENETCHILELTDACL	false
172.217.19.164	unknown	United States	15169	GOOGLEUS	false
142.250.181.132	www.google.com	United States	15169	GOOGLEUS	false
142.250.181.110	analytics.google.com	United States	15169	GOOGLEUS	false
216.239.34.21	unknown	United States	15169	GOOGLEUS	false
66.102.1.156	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
216.239.36.21	stt.nimbusweb.me	United States	15169	GOOGLEUS	false
143.244.56.58	gscstatic2.b-cdn.net	United States	174	COGENT-174US	false
108.158.75.7	metric.nimbusweb.me	United States	16509	AMAZON-02US	false
216.137.52.31	premiumgain.nimbusweb.me	United States	8014	BATELNETBS	false
108.158.75.61	unknown	United States	16509	AMAZON-02US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
18.66.161.15	nimbusweb.me	United States	3	MIT-GATEWAYSUS	false
216.137.52.105	unknown	United States	8014	BATELNETBS	false
173.255.223.22	l1ve.twuseb.us	United States	63949	LINODE-APLinodeLLCUS	false
138.199.15.193	gscwidgets2.b-cdn.net	European Union	51964	ORANGE-BUSINESS-SERVICES-IPSN-ASNFR	false
44.209.154.24	events.getsitectrl.com	United States	14618	AMAZON-AESUS	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
stt.nimbusweb.me	216.239.36.21	true
l1ve.twuseb.us	173.255.223.22	true
1b9f8d12-4db8a1b1.twuseb.us	173.255.223.22	true
premiumgain.nimbusweb.me	216.137.52.31	true
metric.nimbusweb.me	108.158.75.7	true
stats.g.doubleclick.net	66.102.1.156	true
gscstatic2.b-cdn.net	143.244.56.58	true
aselog24x7.cl	200.63.97.50	true
events.getsitectrl.com	44.209.154.24	true
87e039e4-4db8a1b1.twuseb.us	173.255.223.22	true
65f66297-4db8a1b1.twuseb.us	173.255.223.22	true
www.google.com	142.250.181.132	true
gscwidgets2.b-cdn.net	138.199.15.193	true
analytics.google.com	142.250.181.110	true
d3hogio4d1txum.cloudfront.net	3.160.185.95	true
bia.twuseb.us	173.255.223.22	true
8adbfcfb-4db8a1b1.twuseb.us	173.255.223.22	true
nimbusweb.me	18.66.161.15	true
8e1d6ffe-4db8a1b1.twuseb.us	173.255.223.22	true
s2.getsitecontrol.com	unknown	unknown
l.getsitecontrol.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg	true	unknown
https://events.getsitectrl.com/api/v1/events	false	high
https://metric.nimbusweb.me/timing/share_init_editor_dump	false	unknown
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js	true	unknown
https://bia.twuseb.us/favicon.ico	true	unknown
https://l1ve.twuseb.us/Me.htm?v=3	true	unknown
https://premiumgain.nimbusweb.me/share/dist/f/12365dee78645ac21eaec216a048746c.woff	false	unknown
https://premiumgain.nimbusweb.me/share/dist/hammer.min.js	false	unknown
https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc	true	unknown
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	true	unknown
https://stt.nimbusweb.me/gtlytics.js?id=GTM-WHFRJTP	false	unknown
https://1b9f8d12-4db8a1b1.twuseb.us/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.6&apikey=b0c252808e614e949086e019ae1cb300-e0c02060-e3b3-4965-bd7c-415e1a7a9fde-6951&upload-time=1734727329219&time-delta-to-apply-millis=use-collector-delta&w=0&NoResponseBody=true	true	unknown
https://bia.twuseb.us/?N4JV=9Xdg	false	unknown
https://premiumgain.nimbusweb.me/share/dist/index.js?v=9.26.11-73fecd7b	false	unknown
https://8adbfcfb-4db8a1b1.twuseb.us/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js	true	unknown
https://premiumgain.nimbusweb.me/share/dist/assets/loader-32.png	false	unknown
https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wy	false	unknown
https://nimbusweb.me/share/dist/common.js?v=9.26.11	false	high
https://metric.nimbusweb.me/timing/share_page_load	false	unknown
https://s2.getsitecontrol.com/widgets/es6/runtime.0e5d0b4.js	false	high
https://premiumgain.nimbusweb.me/share/dist/i/fb0c3c85d07caa53ebf54b3a58b8d30e.png	false	unknown
https://nimbusweb.me/share/dist/vendor/webcomponents-bundle.js?v=9.26.11	false	high
https://8adbfcfb-4db8a1b1.twuseb.us/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css	true	unknown
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg	true	unknown
https://premiumgain.nimbusweb.me/share/dist/i/ff6a823eabd85e67c626d007c2830bd5.png	false	unknown
https://metric.nimbusweb.me/timing/share_page_note_title	false	unknown
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js	true	unknown
https://d3hogio4d1txum.cloudfront.net/tasks-bundle.20241017.js	false	unknown
https://l.getsitecontrol.com/m42xj3qw.json	false	high
https://www.google.com/recaptcha/api.js	false	high
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js	true	unknown
https://premiumgain.nimbusweb.me/gwapi2/ft%3Atasks/shares/11450334?securityKey=ots3f4w6xehf2feb09wy&nodeId=1Hy4Ofi612giTUWL	false	unknown
https://65f66297-4db8a1b1.twuseb.us/Prefetch/Prefetch.aspx	true	unknown
https://premiumgain.nimbusweb.me/share/dist/f/80df5da08b99c807a5c6f7ae308e1f89.woff	false	unknown
https://d3hogio4d1txum.cloudfront.net/tasks-bundle.20241017.css	false	unknown
https://premiumgain.nimbusweb.me/user-marketing-info/	false	unknown
https://premiumgain.nimbusweb.me/share/share-api/mentionDiff	false	unknown
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js	true	unknown
https://8adbfcfb-4db8a1b1.twuseb.us/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg	true	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Dec 20 19:40:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	14C97AD7C83E1A27E15C99B72012462F	F0FD7E7D3C599095D077220E87255D112BFC385D	90A0A66CB76ACCED793A21F88EDB3F86499481F79F56D9F159C29932A33DA2FC
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Dec 20 19:40:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	E7154D207831B856C665F82E45D7CDA1	FBF828E84289802D7612B97BB0229F711E6865C5	6CF9954BB755DFCF43086CBB982800F4C8064692C176156D6ABCB4FB299E867C
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	E4F3DE76CB0422788A1DFAD69C92C388	50D736016986D827B430211D165A8D418DF3D518	0C8846DC66115EA52D8BCD698BF91232AE2F6BABFA3ABEDA394A718E12208D9B
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Dec 20 19:40:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	668E22D9FF7325CC1614A15A306B16F3	8D5D1E541BD1FE636469E89F9369E78B51A8A3A2	D65F1EBDF96A8D3E3DFCA392525B26E4A83C4E19678B4E86BF2A6C7E188C5016
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Dec 20 19:40:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	90E3A1264DDCD62F2C67DD2078FAA5DF	AFA4DBB68B39DE75EA617C7F5C2846F07E5B25A8	B7FD7E8746B5FB52CE8AB58C098C5D42C623A8948A65410A712B36BD741CB2EE
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Dec 20 19:40:41 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	2F7C41670C28A276F29B3114ACC1C617	4A3464F07582874FD4D27E40D48DCD673429D4E9	DC4C4900F4CE880E43351619295CE61E294000B1E3D14101C79E6620C2139F95
Chrome Cache Entry: 117	gzip compressed data, from Unix, original size modulo 2^32 407050	D184AD57332C1C182841018768FDC616	04BB1C465637C19EABB4FB7AE520A0907C3CD236	B3CB249B77911E1389E48388CA8345E232BB691E6C8986723D5D2D446BFAF7AC
Chrome Cache Entry: 118	ASCII text, with very long lines (5844)	40E18F7BB11B8DB06FC0638314B08E93	4F20AAF99447628CC4681932ECFBB8A25023CBFB	884D03FED760723D780AD868D3344B83528415E6F4AF3ABC5DD18A3FDA6D4FF9
Chrome Cache Entry: 119	JSON data	F1AAD3854C9944CE1FE05CF112A5FF1E	4A91A78E279AEBBFAE8E20C4AE0EEB05FB1BCB42	4C14D6054E122286D8F34AA993AB43591046600472CB5E48A13166FFF3D37418
Chrome Cache Entry: 120	gzip compressed data, original size modulo 2^32 1592	ECC8894D3791BEDDB4E0226F8DAB065A	6510EB51E76A49746C526E432455549B50DE5AF1	64C8C0A9EFBC27AD86EAEC90465B75C52AE8CD68F7E76FC9431DC6AE66072AC3
Chrome Cache Entry: 121	gzip compressed data, original size modulo 2^32 3651	DF6A7721C242813411CC6950DF40F9B3	B2068C4A65C183AAD6FC22A44CC1FA449CD355B4	AA53B6DC744357B392FC57C34E516BAE465D4A6837775C137A176D599C8EA948
Chrome Cache Entry: 122	ASCII text, with very long lines (999)	893102E1869ADC5BCE0A94FEB6F74249	AA12E4ED5006F270AB072E00D749A2D0CC392198	E233A0FFB3016B204EDB0BBB841952FEB31A194AD53CD473C76003391F24BFD3
Chrome Cache Entry: 123	gzip compressed data, from Unix, original size modulo 2^32 113424	69F909D3BA8C6B993DD001B8B9F54F55	F9EAAAA6BC33CE60A2DA8E9FF0F3408CC21CC9EA	5DEB7C0DFBFFCA6439CADD009CD4F57AF7C3E8B6AD9B1467DB95A1B0DC262B0C
Chrome Cache Entry: 124	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6
Chrome Cache Entry: 125	Unicode text, UTF-8 text, with very long lines (64960)	6E7A6D936DE4FE50CF1C96953682CD89	928D4727003B9876437D793A1F6855AF34ED5B1B	6DE51819A411C1B183FBC5A867B1BEDD32E9B1814D8ECD0E7AAFD414474F014B
Chrome Cache Entry: 126	gzip compressed data, from Unix, original size modulo 2^32 57510	1BB2645B377E0429225D33E4E2CC6E3F	A40797795C77CDFF574080B506BAB17DB38494B5	B3B869875C7655F97500FBA0BCE74BCE7CC1DEE31D7CE5B93EA5D6457E07F08E
Chrome Cache Entry: 127	gzip compressed data, from Unix, original size modulo 2^32 113795	FB49A5261BE1810A52DED01D981579C5	EF85933B6BA90810173F6445C6B791E70AAF475F	6F390B9E714F9CC08E126EB82116A2EC6F503901C4ACBB56E42464878441A5CC
Chrome Cache Entry: 128	gzip compressed data, from Unix, original size modulo 2^32 407050	D184AD57332C1C182841018768FDC616	04BB1C465637C19EABB4FB7AE520A0907C3CD236	B3CB249B77911E1389E48388CA8345E232BB691E6C8986723D5D2D446BFAF7AC
Chrome Cache Entry: 129	gzip compressed data, original size modulo 2^32 3651	DF6A7721C242813411CC6950DF40F9B3	B2068C4A65C183AAD6FC22A44CC1FA449CD355B4	AA53B6DC744357B392FC57C34E516BAE465D4A6837775C137A176D599C8EA948
Chrome Cache Entry: 130	Web Open Font Format, TrueType, length 246368, version 1.4	12365DEE78645AC21EAEC216A048746C	FCA809D23C8BA60E80F3ED1F7CE6A243897B494A	F08E51B27293D93D7770FA7AA4DF43908782AE51334C64649D2C8B72C35E8FC2
Chrome Cache Entry: 131	ASCII text, with very long lines (65536), with no line terminators	3AF14409140A188D90E8ABFE3FA2A40A	5C4A242BE0777A189A49F57554C97257B8941E84	295F29439726C35DF996F7FDFB173F1F979E39005B46D8A6CB091B98BAFA231C
Chrome Cache Entry: 132	Unicode text, UTF-8 text, with very long lines (64960)	6E7A6D936DE4FE50CF1C96953682CD89	928D4727003B9876437D793A1F6855AF34ED5B1B	6DE51819A411C1B183FBC5A867B1BEDD32E9B1814D8ECD0E7AAFD414474F014B
Chrome Cache Entry: 133	PNG image data, 358 x 346, 8-bit/color RGBA, non-interlaced	FB0C3C85D07CAA53EBF54B3A58B8D30E	4506D2FF8FA8550D18C8D9E431E86E0D5C6D4925	69FE14A5FA6BBD240513D7B9B432240782A3B51776C0047B892735C20EA1EAD6
Chrome Cache Entry: 134	Unicode text, UTF-8 text, with very long lines (48945), with LF, NEL line terminators	358D1530FDF2E2787AD45E3A84F90C83	E6CC352CE14EE42835D5B4F796DB97C8FD57A25C	923CEED409970B037BD94B3FBDD9B62AFD5905F1D4BFAE8DCF3A293195C8D0EE
Chrome Cache Entry: 135	ASCII text, with very long lines (22434)	865E2F42F44C8C9538682E1C9BE52BBC	37CFDA89DBE82A1895FFB8B08AC2ABD945EBE474	8852B895475DA75D6A34C71E080FD15279E8E86DE2AF35C8DE074E93282F8395
Chrome Cache Entry: 136	PNG image data, 358 x 346, 8-bit/color RGBA, non-interlaced	FB0C3C85D07CAA53EBF54B3A58B8D30E	4506D2FF8FA8550D18C8D9E431E86E0D5C6D4925	69FE14A5FA6BBD240513D7B9B432240782A3B51776C0047B892735C20EA1EAD6
Chrome Cache Entry: 137	gzip compressed data, from Unix, original size modulo 2^32 113795	FB49A5261BE1810A52DED01D981579C5	EF85933B6BA90810173F6445C6B791E70AAF475F	6F390B9E714F9CC08E126EB82116A2EC6F503901C4ACBB56E42464878441A5CC
Chrome Cache Entry: 138	ASCII text, with very long lines (20581)	084AA824C6E6F64CF28551D070ABE00C	DABFADE6656A1018D065B5F3673F4154AAF7A8BA	7953631F0E54794D2352A3CFA591C0914D73E14F90141058E3CF16BEE7939BCF
Chrome Cache Entry: 139	ASCII text, with very long lines (65536), with no line terminators	3AF14409140A188D90E8ABFE3FA2A40A	5C4A242BE0777A189A49F57554C97257B8941E84	295F29439726C35DF996F7FDFB173F1F979E39005B46D8A6CB091B98BAFA231C
Chrome Cache Entry: 140	ASCII text, with very long lines (22434)	B1457BB09F1709EC1BE6B04056C3A270	736590459B36228F548B1ED8115DAAE3DC751FB4	CB9835637E0EF9D0A6582E761D99B68F16B2D8648B57FFCB498984270AE43DF5
Chrome Cache Entry: 141	ASCII text, with very long lines (3835)	4428A272403D45CC64A13513F8F3B634	A6B770EEC22066DB193B19FBBDD3F2136332DEEA	84C8FDB901156AEE4C0707F60FA765F691E4986EE890E5ABB6B9DE8AB283B0AD
Chrome Cache Entry: 142	Unicode text, UTF-8 text, with very long lines (48945), with LF, NEL line terminators	358D1530FDF2E2787AD45E3A84F90C83	E6CC352CE14EE42835D5B4F796DB97C8FD57A25C	923CEED409970B037BD94B3FBDD9B62AFD5905F1D4BFAE8DCF3A293195C8D0EE
Chrome Cache Entry: 143	ASCII text, with very long lines (65536), with no line terminators	9E19B6354DFF8D3DA3D88D0D265E7F5C	D145EDC8AA7F058FE852B95576ACB0C8E3E318B4	C7414C792B8C81E73B4281D4001E3123BE930980614857D15ECEBE7DA7F42D98
Chrome Cache Entry: 144	gzip compressed data, from Unix, original size modulo 2^32 142291	650FDA997A3BF52D41CEF41BE0555A8A	AC727252ED485CDBF4FC8DCE959CAFDB1F7ECC8D	2532ED2CA349CE224F0D801E07661D587FFD916EA049F65440057E4A813069B7
Chrome Cache Entry: 145	ASCII text, with no line terminators	9F9FA94F28FE0DE82BC8FD039A7BDB24	6FE91F82974BD5B101782941064BCB2AFDEB17D8	9A37FDC0DBA8B23EB7D3AA9473D59A45B3547CF060D68B4D52253EE0DA1AF92E
Chrome Cache Entry: 146	ASCII text	34C520D87664032692C4315FFF455D18	978C8B03E97680EB62057A7000F6E7FD97FB9658	C40AA69F0B306CEA296DD1193C334BC0781587ED51AAB579C0433698BA9E0C4B
Chrome Cache Entry: 147	gzip compressed data, from Unix, original size modulo 2^32 450682	EAD3B805D68B7D15C244AC76CB073533	4CE2AE5F85BCD91425C971353622D698CDC6B73D	AC37743CC83AE01D732A169E0155DB4FC1D756D38ACF1FEBF71445505595F436
Chrome Cache Entry: 148	ASCII text, with very long lines (5945)	C200723EB038E811B6DE3F42BAA8A28A	D241B69A78362F6F8251F5EC45196002A8AC58F1	BD0447279D3A36B232E2008275B616FD3D03B2BC217879C4449EA27723475441
Chrome Cache Entry: 149	gzip compressed data, original size modulo 2^32 1864	2D2CBA7D7DC75F3BA9DC756738D41A6E	F87FD26066ED5E52A65DEE0ED2D581D3C3EA15AC	00E21864CF1BC70302EBB5B496C6C471A7DA8CBF600630B478A3E2376ED20EA2
Chrome Cache Entry: 150	MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	7E0D59593F3377B72C29435C4B43954A	B4C5C39A6DFB460BBD2EACCEB09EC8079FB6A8E2	62D706019A0D80173113EF70FBBEE12F286E8E221534BE788448AADA4B14C8E8
Chrome Cache Entry: 151	ASCII text, with very long lines (1335)	0CC3A63FE10060AF4A349E5DF666EEFE	3E8D3925B550345123F2CAB26568221FD4154F9C	92FCA55833F48B4289AC8F1CEDD48752B580FCE4EC4B5D81670B8193D6E51B54
Chrome Cache Entry: 152	gzip compressed data, original size modulo 2^32 1592	ECC8894D3791BEDDB4E0226F8DAB065A	6510EB51E76A49746C526E432455549B50DE5AF1	64C8C0A9EFBC27AD86EAEC90465B75C52AE8CD68F7E76FC9431DC6AE66072AC3
Chrome Cache Entry: 153	ASCII text, with very long lines (433), with no line terminators	607497A71B3F58C69F285D965DFBC6AA	76C5A0E7C41B2E0E84C1C83D7D17E064ABBD8385	69D8D1F0F122FE1954B10C80F12D43FB5C56F2524460D04CEAE12E4719B4692E
Chrome Cache Entry: 154	ASCII text, with no line terminators	37A6259CC0C1DAE299A7866489DFF0BD	2BE88CA4242C76E8253AC62474851065032D6833	74234E98AFE7498FB5DAF1F36AC2D78ACC339464F950703B8C019892F982B90B
Chrome Cache Entry: 155	ASCII text, with very long lines (9222)	4DE08422C32F184C4C53312679EAF155	BDC503CD996C21D1F4FEF8AA88A576C25005ACE0	D8F59368057A15E101CF020875EBB8CF4788D741E60EB2609CA0007D1244A16E
Chrome Cache Entry: 156	ASCII text, with very long lines (2343)	575B5480531DA4D14E7453E2016FE0BC	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
Chrome Cache Entry: 157	ASCII text, with very long lines (6035)	412AFAE036368B3CF898465C15044DE4	F016F4E194B3600DCBF85B4DC4C404721D72C571	CC8469C7439711DA9657EF5AFD686228FFD87761279DF81F37E4D15FF0E50FCE
Chrome Cache Entry: 158	gzip compressed data, from Unix, original size modulo 2^32 3470	B2F7EB647947F473DC02D0570435037D	B47CAA5C1473E9A4934BECF5978C9936B0EA57EF	91F62E70161CD873A31602C5CAE1051F277EB6163C0E40267B270FF5180B3293
Chrome Cache Entry: 159	JSON data	97A5D3FF11B2221E81659ACD8EA2B213	3AFD5DEE030F0D728C7A3DB2E6C716BDADFAB018	7FDD313D50B182F09BA51C9355FB9C90E88E929E404CCD1D03816A83DA9B34D6
Chrome Cache Entry: 160	ASCII text	34C520D87664032692C4315FFF455D18	978C8B03E97680EB62057A7000F6E7FD97FB9658	C40AA69F0B306CEA296DD1193C334BC0781587ED51AAB579C0433698BA9E0C4B
Chrome Cache Entry: 161	Unicode text, UTF-8 text, with very long lines (65449)	224C3BBB8D8BBDA5D0FD2056321121DE	14325B59BB88FCA3C22242C0F02FFC1E151BC5AE	893DA41E10323C6FB5F7E2C01A55A4D7A3D00D8F8CCE01E59F5193C516B8DA90
Chrome Cache Entry: 162	ASCII text, with very long lines (999)	893102E1869ADC5BCE0A94FEB6F74249	AA12E4ED5006F270AB072E00D749A2D0CC392198	E233A0FFB3016B204EDB0BBB841952FEB31A194AD53CD473C76003391F24BFD3
Chrome Cache Entry: 163	ASCII text, with very long lines (20581)	084AA824C6E6F64CF28551D070ABE00C	DABFADE6656A1018D065B5F3673F4154AAF7A8BA	7953631F0E54794D2352A3CFA591C0914D73E14F90141058E3CF16BEE7939BCF
Chrome Cache Entry: 164	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	FF6A823EABD85E67C626D007C2830BD5	FE6A997A92D1C85055F29BF95D746061BD9BAC5D	9FAC2F294DE40D7C9D11E392E5DF670BF14D3C536E5B41001FE672BF3F00A828
Chrome Cache Entry: 165	gzip compressed data, from Unix, original size modulo 2^32 190229	8B337F7DF8862124EA871A51E5EA5A90	91ECBCE42A9F012C61A35C412EEFC4AA4FB2EC1C	E1844834079C4501EFE8200BB14C67BB4CF02FED9947B056859F487A3225BA4B
Chrome Cache Entry: 166	ASCII text, with very long lines (1434), with no line terminators	764EE6309BF4800054E4A2A67DEB3575	2FFD2FDA8E49AD861B75DE1E5ED583D8CE1D5B0A	652E8677AEC33767D2A5F229384F79B4F526104BF7E94D7D258070F94743C3CC
Chrome Cache Entry: 167	HTML document, Unicode text, UTF-8 text, with very long lines (10508)	4087FB487A5DF11006B148E55F174736	0CAA8D40986AFBD2CB1A5C934147072E30205DE7	B7C68ED784A94A8BB55D459202FEC2D7A9E86AA40568DD3CD572634EC92FECBE
Chrome Cache Entry: 168	gzip compressed data, from Unix, original size modulo 2^32 450682	EAD3B805D68B7D15C244AC76CB073533	4CE2AE5F85BCD91425C971353622D698CDC6B73D	AC37743CC83AE01D732A169E0155DB4FC1D756D38ACF1FEBF71445505595F436
Chrome Cache Entry: 169	JSON data	39ADD032FEC88F1D2F2A027EEDC60F0D	A4405ACBC014BB793C0D828F36F586A77889729F	E981DBC606AE1D423752B90EC793537982B5E0795B87FF38039AEB4E245AAD1E
Chrome Cache Entry: 170	Unicode text, UTF-8 text, with very long lines (51633)	05356B7D8FAE40A228FB26329776A0D4	698ADC4B426BA3F4BE0E21DCD2B4329D906D40D2	716A693BC584C599DAEB5B06176052D633786EC4BE7615270E8AD466B118E0F6
Chrome Cache Entry: 171	ASCII text, with very long lines (1434), with no line terminators	764EE6309BF4800054E4A2A67DEB3575	2FFD2FDA8E49AD861B75DE1E5ED583D8CE1D5B0A	652E8677AEC33767D2A5F229384F79B4F526104BF7E94D7D258070F94743C3CC
Chrome Cache Entry: 172	HTML document, Unicode text, UTF-8 text, with very long lines (4326)	03AB8EE8732B55C40E80548AB21E8113	D288587A4BECDDBF44B2D4B821F19C7DDF6FF75E	602D3FA58CCED4FA7FFBA9A2FE2734EE201CE9D2BC953019E1E7E4AB86EC970F
Chrome Cache Entry: 173	gzip compressed data, from Unix, original size modulo 2^32 190229	61CEFBB5CEC4402A47901A35BA0787FF	40138D18FC1A97E52039D2309EDA9CE3BC547BCC	A29E390F98B0B77F1460B6FA9B6FD02BA0B6901B9A74569C9CB4358E1CD0C6F8
Chrome Cache Entry: 174	ASCII text, with very long lines (5945)	C200723EB038E811B6DE3F42BAA8A28A	D241B69A78362F6F8251F5EC45196002A8AC58F1	BD0447279D3A36B232E2008275B616FD3D03B2BC217879C4449EA27723475441
Chrome Cache Entry: 175	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6
Chrome Cache Entry: 176	gzip compressed data, from Unix, original size modulo 2^32 142291	650FDA997A3BF52D41CEF41BE0555A8A	AC727252ED485CDBF4FC8DCE959CAFDB1F7ECC8D	2532ED2CA349CE224F0D801E07661D587FFD916EA049F65440057E4A813069B7
Chrome Cache Entry: 177	Web Open Font Format, TrueType, length 245192, version 1.4	6D82FD0D97BD44E9484816A35C937EF9	22FCDBC5DDEC03622F99267218D96E74F83C07BC	15FE86A41798EBB7F44A0762303B596188AFD537FAD2E9D707125DF61A76EB59
Chrome Cache Entry: 178	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	FF6A823EABD85E67C626D007C2830BD5	FE6A997A92D1C85055F29BF95D746061BD9BAC5D	9FAC2F294DE40D7C9D11E392E5DF670BF14D3C536E5B41001FE672BF3F00A828
Chrome Cache Entry: 179	ASCII text, with very long lines (9222)	4DE08422C32F184C4C53312679EAF155	BDC503CD996C21D1F4FEF8AA88A576C25005ACE0	D8F59368057A15E101CF020875EBB8CF4788D741E60EB2609CA0007D1244A16E
Chrome Cache Entry: 180	gzip compressed data, from Unix, original size modulo 2^32 57510	1BB2645B377E0429225D33E4E2CC6E3F	A40797795C77CDFF574080B506BAB17DB38494B5	B3B869875C7655F97500FBA0BCE74BCE7CC1DEE31D7CE5B93EA5D6457E07F08E
Chrome Cache Entry: 181	gzip compressed data, original size modulo 2^32 1864	2D2CBA7D7DC75F3BA9DC756738D41A6E	F87FD26066ED5E52A65DEE0ED2D581D3C3EA15AC	00E21864CF1BC70302EBB5B496C6C471A7DA8CBF600630B478A3E2376ED20EA2
Chrome Cache Entry: 182	Web Open Font Format, TrueType, length 94040, version 2.137	80DF5DA08B99C807A5C6F7AE308E1F89	9F6FD6C54E5D6D36BF805CB756F48F96086F3BAD	9CB8BD1F1BC33E81434304DA0CB480009C00B4383453DC8B9AADA8FBA623226D
Chrome Cache Entry: 183	ASCII text, with very long lines (3835)	3D95B8ACE8A92103D1C2EAABC9E16E2C	507095B17B74CADB1141B867315A146AE0A3638C	C0077D9965B89FFA4314CFE0CE556E3DF764C358C614B847FDE04363277A5CC9
Chrome Cache Entry: 184	ASCII text, with very long lines (2343)	575B5480531DA4D14E7453E2016FE0BC	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
Chrome Cache Entry: 185	Unicode text, UTF-8 text, with very long lines (51633)	05356B7D8FAE40A228FB26329776A0D4	698ADC4B426BA3F4BE0E21DCD2B4329D906D40D2	716A693BC584C599DAEB5B06176052D633786EC4BE7615270E8AD466B118E0F6
Chrome Cache Entry: 186	JSON data	590DB2267453CC28453D99DD6C877FCE	EBDEF69966C6777773875E0F52E8951F1092FDC2	6842A8FB5F71FDD9A37DB4BDD80D4299B137C6952A9C1AFB76CCF0AB35657D4C
Chrome Cache Entry: 187	ASCII text	34C520D87664032692C4315FFF455D18	978C8B03E97680EB62057A7000F6E7FD97FB9658	C40AA69F0B306CEA296DD1193C334BC0781587ED51AAB579C0433698BA9E0C4B
Chrome Cache Entry: 188	ASCII text, with very long lines (433), with no line terminators	607497A71B3F58C69F285D965DFBC6AA	76C5A0E7C41B2E0E84C1C83D7D17E064ABBD8385	69D8D1F0F122FE1954B10C80F12D43FB5C56F2524460D04CEAE12E4719B4692E
Chrome Cache Entry: 189	ASCII text, with no line terminators	37A6259CC0C1DAE299A7866489DFF0BD	2BE88CA4242C76E8253AC62474851065032D6833	74234E98AFE7498FB5DAF1F36AC2D78ACC339464F950703B8C019892F982B90B
Chrome Cache Entry: 190	Unicode text, UTF-8 text, with very long lines (65449)	224C3BBB8D8BBDA5D0FD2056321121DE	14325B59BB88FCA3C22242C0F02FFC1E151BC5AE	893DA41E10323C6FB5F7E2C01A55A4D7A3D00D8F8CCE01E59F5193C516B8DA90
Chrome Cache Entry: 191	ASCII text, with very long lines (3835)	3D95B8ACE8A92103D1C2EAABC9E16E2C	507095B17B74CADB1141B867315A146AE0A3638C	C0077D9965B89FFA4314CFE0CE556E3DF764C358C614B847FDE04363277A5CC9
Chrome Cache Entry: 192	ASCII text, with very long lines (1335)	0CC3A63FE10060AF4A349E5DF666EEFE	3E8D3925B550345123F2CAB26568221FD4154F9C	92FCA55833F48B4289AC8F1CEDD48752B580FCE4EC4B5D81670B8193D6E51B54
Chrome Cache Entry: 193	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	9F91F79F48D929848F219A5898A72D91	CCE8D8689B5BFC502EAD7F746C9352FB9A37BA63	D332A6D776816EC90D902D9F7A0CFDD817A7BF740B326F4593B70BD7300793BC
Chrome Cache Entry: 194	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	9F91F79F48D929848F219A5898A72D91	CCE8D8689B5BFC502EAD7F746C9352FB9A37BA63	D332A6D776816EC90D902D9F7A0CFDD817A7BF740B326F4593B70BD7300793BC
Chrome Cache Entry: 195	MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	7E0D59593F3377B72C29435C4B43954A	B4C5C39A6DFB460BBD2EACCEB09EC8079FB6A8E2	62D706019A0D80173113EF70FBBEE12F286E8E221534BE788448AADA4B14C8E8
Chrome Cache Entry: 196	ASCII text, with very long lines (65536), with no line terminators	9E19B6354DFF8D3DA3D88D0D265E7F5C	D145EDC8AA7F058FE852B95576ACB0C8E3E318B4	C7414C792B8C81E73B4281D4001E3123BE930980614857D15ECEBE7DA7F42D98
Chrome Cache Entry: 197	ASCII text	34C520D87664032692C4315FFF455D18	978C8B03E97680EB62057A7000F6E7FD97FB9658	C40AA69F0B306CEA296DD1193C334BC0781587ED51AAB579C0433698BA9E0C4B
Chrome Cache Entry: 198	JSON data	39ADD032FEC88F1D2F2A027EEDC60F0D	A4405ACBC014BB793C0D828F36F586A77889729F	E981DBC606AE1D423752B90EC793537982B5E0795B87FF38039AEB4E245AAD1E
Chrome Cache Entry: 199	JSON data	F1AAD3854C9944CE1FE05CF112A5FF1E	4A91A78E279AEBBFAE8E20C4AE0EEB05FB1BCB42	4C14D6054E122286D8F34AA993AB43591046600472CB5E48A13166FFF3D37418
Chrome Cache Entry: 200	ASCII text, with very long lines (3835)	87126E546A1FCFE13B70CE098D84E201	3654351D336B2B803A9550CF8E95AEBE204D28C4	F67C5DC5B0CAE2DF53A2F94A4C0E1FC2B453B9A0B6304A63C3C426CF225AED2D

Phishing

Yara detected HtmlPhish54

Source: Yara match	File source: 0.19.id.script.csv, type: HTML
Source: Yara match	File source: 0.31.id.script.csv, type: HTML
Source: Yara match	File source: 2.3.pages.csv, type: HTML
Source: Yara match	File source: 3.7.pages.csv, type: HTML
Source: Yara match	File source: 3.6.pages.csv, type: HTML
Source: Yara match	File source: 3.9.pages.csv, type: HTML

HTML body contains low number of good links

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://bia.twuseb.us/?N4JV=9Xdg

HTTP Parser: Base64 decoded: a[href="http://www.salidzini.lv/"][style="display: block; width: 120px; height: 40px; overflow: hidden; position: relative;"]

HTML title does not match URL

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true

HTTP Parser: Title: Sign in to your account does not match URL

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: Iframe src: https://65f66297-4db8a1b1.twuseb.us/Prefetch/Prefetch.aspx
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: Iframe src: https://65f66297-4db8a1b1.twuseb.us/Prefetch/Prefetch.aspx

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true

HTTP Parser: <input type="password" .../> found

Source: https://bia.twuseb.us/?N4JV=9Xdg	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No favicon

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="author".. found

Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://bia.twuseb.us/?N4JV=9Xdg&sso_reload=true	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49845 version: TLS 1.2

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2857090 - Severity 1 - ETPRO PHISHING JS/PsyduckPockeball Payload Inbound : 173.255.223.22:443 -> 192.168.2.16:49756

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.58.101
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 40.126.53.19
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.4.254
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.200

Source: global traffic	HTTP traffic detected: GET /share/11450334/ots3f4w6xehf2feb09wy HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/index.css?v=9.26.11-73fecd7b HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /tasks-bundle.20241017.css HTTP/1.1Host: d3hogio4d1txum.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tasks-bundle.20241017.js HTTP/1.1Host: d3hogio4d1txum.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/common.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/vendor/webcomponents-bundle.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/assets/loader-32.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/hammer.min.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/vendor/webcomponents-bundle.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/common.js?v=9.26.11 HTTP/1.1Host: nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/index.js?v=9.26.11-73fecd7b HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/hammer.min.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/assets/loader-32.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /tasks-bundle.20241017.js HTTP/1.1Host: d3hogio4d1txum.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/f/6d82fd0d97bd44e9484816a35c937ef9.woff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://premiumgain.nimbusweb.mesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/f/12365dee78645ac21eaec216a048746c.woff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://premiumgain.nimbusweb.mesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/i/fb0c3c85d07caa53ebf54b3a58b8d30e.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIk6HLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/i/fb0c3c85d07caa53ebf54b3a58b8d30e.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/index.js?v=9.26.11-73fecd7b HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /gtag/js?id=G-7ZKFB3S0PN HTTP/1.1Host: stt.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /gtlytics.js?id=GTM-WHFRJTP HTTP/1.1Host: stt.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /share/dist/f/80df5da08b99c807a5c6f7ae308e1f89.woff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://premiumgain.nimbusweb.mesec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://premiumgain.nimbusweb.me/share/dist/index.css?v=9.26.11-73fecd7bAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /share/share-api/profile/me HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /share/share-api/org HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /gwapi2/ft%3Atasks/shares/11450334?securityKey=ots3f4w6xehf2feb09wy&nodeId=1Hy4Ofi612giTUWL HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /everhelper-session-id: 0aeluCRDhaSe3iOk6CLLWJc3QWTxiSegx-session-id: 0aeluCRDhaSe3iOk6CLLWJc3QWTxiSegsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /share/share-api/profile/me HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day
Source: global traffic	HTTP traffic detected: GET /gtag/js?id=G-7ZKFB3S0PN HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /gtlytics.js?id=GTM-WHFRJTP HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg
Source: global traffic	HTTP traffic detected: GET /?N4JV=9Xdg HTTP/1.1Host: bia.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /user-marketing-info/ HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /share/share-api/org HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /share/share-api/mentionDiff HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /gwapi2/ft%3Atasks/shares/11450334?securityKey=ots3f4w6xehf2feb09wy&nodeId=1Hy4Ofi612giTUWL HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /timing/share_page_load HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /timing/share_page_note_title HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /timing/share_page_load_content HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /static/assets/a6794726fa7eda006545.vendors.fs_web.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /g/collect?v=2&tid=G-7ZKFB3S0PN&gtm=45he4cc1v888117676za204&_p=1734727272303&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=668868513.1734727275&ul=en-us&sr=1280x1024&_fplc=0&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1734727275&sct=1&seg=0&dl=https%3A%2F%2Fpremiumgain.nimbusweb.me%2Fshare%2F11450334%2Fots3f4w6xehf2feb09wy&dt=BIA%20-%20FuseBase&en=page_view&_fv=2&_nsi=1&_ss=2&_ee=1&ep.link_attribution=true&tfd=35607 HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; FPLC=CzKSzqQy8hthiKGfX9kh3Qm5jvKQyLXPpwczJkBvHZL2IFiLPCE07SxKv0skLHRPm5xVIxl2NKa0EHNob3he14gREELtxCoW8qKtG26xpkrCkFsf%2F%2FrtHBtr0LAUmg%3D%3D
Source: global traffic	HTTP traffic detected: GET /timing/share_init_editor_dump HTTP/1.1Host: metric.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.js HTTP/1.1Host: l.getsitecontrol.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?N4JV=9Xdg HTTP/1.1Host: bia.twuseb.usConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://bia.twuseb.us/?N4JV=9XdgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /static/assets/a6794726fa7eda006545.vendors.fs_web.js HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; FPLC=ofO4FpcDezG1dl58MDyuADvT%2FeF%2BxQJfTq%2FKO0asR468Pbu9M2rPdIFsxabs1HJqjbHu2g1tje7h%2BxZ3Iq6ZaCPqyytMxuMr7WfyOevZmYNWs34R4GipsUxwu9xXpg%3D%3D
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.json HTTP/1.1Host: l.getsitecontrol.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://premiumgain.nimbusweb.meSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.js HTTP/1.1Host: l.getsitecontrol.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /g/collect?v=2&tid=G-7ZKFB3S0PN&gtm=45he4cc1v888117676za204&_p=1734727272303&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=668868513.1734727275&ul=en-us&sr=1280x1024&_fplc=0&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1734727275&sct=1&seg=0&dl=https%3A%2F%2Fpremiumgain.nimbusweb.me%2Fshare%2F11450334%2Fots3f4w6xehf2feb09wy&dt=BIA%20-%20FuseBase&en=scroll&ep.link_attribution=true&epn.percent_scrolled=90&tfd=41138 HTTP/1.1Host: stt.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; _ga=GA1.1.668868513.1734727275; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; _ga_7G2K66TV09=GS1.1.1734727280.1.0.1734727280.0.0.0; FPLC=Llrk4KxLhgn6iMHXHj1jgO25v2PrgXpd%2BOKot1VpK5i61QzTXF1G%2FM6srP0tcqUBseu0Ux%2BlT3zQh5lyiXj%2Byz30td4%2BDvxGkWrauBmaxRnfb3pscOmm0c%2FqHxKWCQ%3D%3D
Source: global traffic	HTTP traffic detected: GET /m42xj3qw.json HTTP/1.1Host: l.getsitecontrol.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /widgets/es6/runtime.0e5d0b4.js HTTP/1.1Host: s2.getsitecontrol.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /widgets/es6/runtime.0e5d0b4.js HTTP/1.1Host: s2.getsitecontrol.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/i/ff6a823eabd85e67c626d007c2830bd5.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://premiumgain.nimbusweb.me/share/11450334/ots3f4w6xehf2feb09wyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; _ga_7G2K66TV09=GS1.1.1734727280.1.0.1734727280.0.0.0; _gid=GA1.2.1161705959.1734727283; _ga_L1W7VLTSPG=GS1.1.1734727283.1.0.1734727283.60.0.0; _ga=GA1.1.668868513.1734727275; FPLC=PjNtgvbTHK3i1VawWzxllJ%2BJvx8%2BcjF7eIPtAfv8tBBqvAhYnT1aq1CBvAgVFV01OqVJM4oa896p2EM3TF9O1MNE0h1WrmKcgi21Zi5M9fdRDyu8tx60BOy%2Friyb0A%3D%3D; _gat_gtag_UA_67774717_30=1
Source: global traffic	HTTP traffic detected: GET /api/v1/events HTTP/1.1Host: events.getsitectrl.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://premiumgain.nimbusweb.meSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://premiumgain.nimbusweb.me/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/v1/events HTTP/1.1Host: events.getsitectrl.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /share/dist/i/ff6a823eabd85e67c626d007c2830bd5.png HTTP/1.1Host: premiumgain.nimbusweb.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: eversessionid=0aeluCRDhaSe3iOk6CLLWJc3QWTxiSeg; nns-list-type=plates; nns-theme=day; _ga_7ZKFB3S0PN=GS1.1.1734727275.1.0.1734727275.60.0.0; FPID=FPID2.2.rwJJ8vrVSwvDRW%2BKKV8p0CB%2BmcP3red22wNUrE3foWk%3D.1734727275; _ga_7G2K66TV09=GS1.1.1734727280.1.0.1734727280.0.0.0; _gid=GA1.2.1161705959.1734727283; _ga_L1W7VLTSPG=GS1.1.1734727283.1.0.1734727283.60.0.0; _ga=GA1.1.668868513.1734727275; FPLC=PjNtgvbTHK3i1VawWzxllJ%2BJvx8%2BcjF7eIPtAfv8tBBqvAhYnT1aq1CBvAgVFV01OqVJM4oa896p2EM3TF9O1MNE0h1WrmKcgi21Zi5M9fdRDyu8tx60BOy%2Friyb0A%3D%3D; _gat_gtag_UA_67774717_30=1
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="Sec-WebSocket-Key: MZfvBxULkoIKaUhHu/fOsg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /?N4JV=9Xdg&sso_reload=true HTTP/1.1Host: bia.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://bia.twuseb.us/?N4JV=9XdgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: bia.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/?N4JV=9XdgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_zKox_QMcTIVut7mG_Z9Eew2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://bia.twuseb.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_i8f-75gfk3tbsm8bmatnqa2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: l1ve.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_kAx9qZOSH4g90FNHstHMCA2.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1Sec-WebSocket-Key: r9J3E6jPAnb6jxF+CcxghA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: 65f66297-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0Sec-WebSocket-Key: cAZ/tOIcHUdSaCoYmQ6BVw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_27cef08ca792f8e8b149.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://bia.twuseb.us/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_cc2c59f5ef2c09e14b08.js HTTP/1.1Host: 8adbfcfb-4db8a1b1.twuseb.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0Sec-WebSocket-Key: nnpRm2xDqj1058vXNIWiJQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0Sec-WebSocket-Key: c3bxaGAo3ZpwjgoxjuhwvA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215Sec-WebSocket-Key: ottNOxXA4WjBOXYig0qkfQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215; MC1="GUID=9ae7e430ddba4fd2a76a154022601377&HASH=9ae7&LV=202412&V=4&LU=1734727334363"; MS0=e745c479dbd84b89bc76b764dc774762Sec-WebSocket-Key: WRZQRniN5aWTQvhQAU1MxQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215; MC1="GUID=9ae7e430ddba4fd2a76a154022601377&HASH=9ae7&LV=202412&V=4&LU=1734727334363"; MS0=e745c479dbd84b89bc76b764dc774762Sec-WebSocket-Key: LBvHrgrPMEDrsVViTyn18A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4db8a1b1ae734ef1bd17ae68b3aa9590/ HTTP/1.1Host: bia.twuseb.usConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://bia.twuseb.usSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3IonYL="NGRiOGExYjEtYWU3My00ZWYxLWJkMTctYWU2OGIzYWE5NTkwOjc2ZTJmNTg3LTE5YzUtNGZiYS1iYjEyLWQwY2U0ZWZlODM5Nw=="; AADSSO=NA\|NoExtension; MicrosoftApplicationsTelemetryDeviceId=4c52e5e4-3aec-4ec7-bb1d-f3dc78a5af30; brcap=0; ai_session=EOjO69QqDUeV/NotU/27Xp\|1734727329215\|1734727329215; MC1="GUID=9ae7e430ddba4fd2a76a154022601377&HASH=9ae7&LV=202412&V=4&LU=1734727334363"; MS0=e745c479dbd84b89bc76b764dc774762Sec-WebSocket-Key: xLtPEFBw0wYQKYml9azgig==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: aselog24x7.clConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: chromecache_185.1.dr	String found in binary or memory: M.getElementsByTagName("iframe"),oa=Q.length,na=0;na<oa;na++)if(!v&&c(Q[na],H.Xe)){UK("https://www.youtube.com/iframe_api");v=!0;break}})}}else G(t.vtp_gtmOnSuccess)}var q=["www.youtube.com","www.youtube-nocookie.com"],r={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},u,v=!1;X.__ytl=n;X.__ytl.o="ytl";X.__ytl.isVendorTemplate=!0;X.__ytl.priorityOverride=0;X.__ytl.isInfrastructure=!1; equals www.youtube.com (Youtube)
Source: chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_185.1.dr	String found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},Ik:function(){e=nb()},Gd:function(){d()}}};var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: did"](19,49152,null,0,u.ButtonComponent,[],{icon:[0,"icon"]},null)],(function(e,t){var n=t.component;e(t,5,0,n.shareUrl,n.share);e(t,10,0,"embed");e(t,13,0,"fb");e(t,16,0,"twitter");e(t,19,0,"reddit")}),(function(e,t){var n=t.component;e(t,11,0,"https://www.facebook.com/sharer/sharer.php?u="+n.shareUrl),e(t,14,0,"https://twitter.com/intent/tweet?&url="+n.shareUrl),e(t,17,0,"http://www.reddit.com/submit?url="+n.shareUrl)}))}function g(e){return r[" equals www.facebook.com (Facebook)
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: did"](19,49152,null,0,u.ButtonComponent,[],{icon:[0,"icon"]},null)],(function(e,t){var n=t.component;e(t,5,0,n.shareUrl,n.share);e(t,10,0,"embed");e(t,13,0,"fb");e(t,16,0,"twitter");e(t,19,0,"reddit")}),(function(e,t){var n=t.component;e(t,11,0,"https://www.facebook.com/sharer/sharer.php?u="+n.shareUrl),e(t,14,0,"https://twitter.com/intent/tweet?&url="+n.shareUrl),e(t,17,0,"http://www.reddit.com/submit?url="+n.shareUrl)}))}function g(e){return r[" equals www.twitter.com (Twitter)
Source: chromecache_135.1.dr, chromecache_141.1.dr, chromecache_140.1.dr, chromecache_200.1.dr	String found in binary or memory: if(!(e\|\|f\|\|g\|\|k.length\|\|m.length))return;var p={Hh:e,Fh:f,Gh:g,mi:k,ni:m,Xe:n,Jb:b},q=A.YT;if(q)return q.ready&&q.ready(d),b;var r=A.onYouTubeIframeAPIReady;A.onYouTubeIframeAPIReady=function(){r&&r();d()};G(function(){for(var u=E.getElementsByTagName("script"),v=u.length,t=0;t<v;t++){var w=u[t].getAttribute("src");if(hE(w,"iframe_api")\|\|hE(w,"player_api"))return b}for(var x=E.getElementsByTagName("iframe"),y=x.length,B=0;B<y;B++)if(!ZD&&fE(x[B],p.Xe))return lc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_183.1.dr, chromecache_148.1.dr	String found in binary or memory: return b}VD.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: chromecache_170.1.dr, chromecache_185.1.dr	String found in binary or memory: var jD=function(a,b,c,d,e){var f=aB("fsl",c?"nv.mwt":"mwt",0),g;g=c?aB("fsl","nv.ids",[]):aB("fsl","ids",[]);if(!g.length)return!0;var k=fB(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);T(121);if(m==="https://www.facebook.com/tr/")return T(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!Mz(k,Oz(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: aselog24x7.cl
Source: global traffic	DNS traffic detected: DNS query: premiumgain.nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: d3hogio4d1txum.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: metric.nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: stt.nimbusweb.me
Source: global traffic	DNS traffic detected: DNS query: bia.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: l.getsitecontrol.com
Source: global traffic	DNS traffic detected: DNS query: s2.getsitecontrol.com
Source: global traffic	DNS traffic detected: DNS query: analytics.google.com
Source: global traffic	DNS traffic detected: DNS query: 8adbfcfb-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: events.getsitectrl.com
Source: global traffic	DNS traffic detected: DNS query: 8e1d6ffe-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: 87e039e4-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: l1ve.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: 65f66297-4db8a1b1.twuseb.us
Source: global traffic	DNS traffic detected: DNS query: 1b9f8d12-4db8a1b1.twuseb.us

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 899dbb4f-8b35-40a3-afc3-76a4431be800x-ms-ests-server: 2.1.19683.3 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:34 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 7e8beaf7-7dfc-49c7-aaf2-1f973a74eb01x-ms-ests-server: 2.1.19683.3 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:45 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: be9d2c48-002e-4abd-9001-b58fcaa62d00x-ms-ests-server: 2.1.19683.6 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:48 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: no-store, no-cachex-ms-correlation-id: b73b7cb2-ac9e-4b7b-a5e6-37fb55726b8dx-ua-compatible: IE=Edgex-cache: CONFIG_NOCACHEx-msedge-ref: Ref A: E93AACCA80E644FE92C2ED10E4E16139 Ref B: BY3EDGE0120 Ref C: 2024-12-20T20:41:48Zaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:41:51 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: ba64c6b0-3f19-4e2e-ac50-dc5c25cf3c00x-ms-ests-server: 2.1.19683.6 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:00 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 85fb312d-720b-4835-b5dd-fabaa9f12e00x-ms-ests-server: 2.1.19683.6 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:10 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: b824d423-6a79-442f-bb10-f153e79a3d00x-ms-ests-server: 2.1.19683.6 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:23 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 2b4afc0a-24c3-425c-b33a-95d264133400x-ms-ests-server: 2.1.19683.6 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 20 Dec 2024 20:42:38 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: e4290cf3-b6c0-4ef0-addd-0139f3ce2700x-ms-ests-server: 2.1.19683.6 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://8e1d6ffe-4db8a1b1.twuseb.us/api/report?catId=GW+estsfd+frc"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:

Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: http://bit.ly/2sd4HMP
Source: chromecache_190.1.dr	String found in binary or memory: http://g.co/ng/security#xss)
Source: chromecache_138.1.dr, chromecache_163.1.dr	String found in binary or memory: http://hammerjs.github.io/
Source: chromecache_190.1.dr	String found in binary or memory: http://nimb.ws/EkX87M
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/AUTHORS.txt
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/CONTRIBUTORS.txt
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/LICENSE.txt
Source: chromecache_122.1.dr	String found in binary or memory: http://polymer.github.io/PATENTS.txt
Source: chromecache_190.1.dr	String found in binary or memory: https://...
Source: chromecache_185.1.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://angular.io/api/common/NgForOf#change-propagation
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://angular.io/api/core/Component#animations).
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://angular.io/errors/NG0$
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_183.1.dr, chromecache_148.1.dr, chromecache_185.1.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_172.1.dr, chromecache_167.1.dr	String found in binary or memory: https://d3hogio4d1txum.cloudfront.net/tasks-bundle.20241017.css
Source: chromecache_172.1.dr, chromecache_167.1.dr	String found in binary or memory: https://d3hogio4d1txum.cloudfront.net/tasks-bundle.20241017.js
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://d3jlxgnskmmqem.cloudfront.net/diamond-animation/animation-blue.json
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://d3jlxgnskmmqem.cloudfront.net/diamond-animation/animation-yellow.json
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://events.getsitectrl.com/api/v1/events
Source: chromecache_157.1.dr	String found in binary or memory: https://fengyuanchen.github.io/viewerjs
Source: chromecache_132.1.dr	String found in binary or memory: https://g.co/ng/security#xss)
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://goo.gl/X2J8zc.
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://goo.gl/wIDDiL
Source: chromecache_185.1.dr	String found in binary or memory: https://google.com
Source: chromecache_185.1.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_153.1.dr, chromecache_188.1.dr	String found in binary or memory: https://l.getsitecontrol.com/m42xj3qw.json
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://m2.getsitecontrol.com/images/45937/16a24fa610de8063461479d5c7326693_235751283.png
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://m2.getsitecontrol.com/images/45937/92b6dc2dfd1666d858aca7e557de7c36_234815107.png
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://material.angular.io/guide/theming
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://media.springernature.com/full/springer-cms/rest/v1/img/18893370/v1/height/700
Source: chromecache_172.1.dr	String found in binary or memory: https://metric.nimbusweb.me
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://mths.be/he
Source: chromecache_125.1.dr, chromecache_132.1.dr	String found in binary or memory: https://ngrx.io/guide/store/configuration/runtime-checks
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.co/contact.php
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/auth/openidconnect.php?provider=
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/client/
Source: chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/contact-us.php
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/pricing.php
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/pricing.php?ws_banner=dunningType_past_due_invoice_day14B2B
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/pricing.php?ws_banner=dunningType_past_due_invoice_day14B2C
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/4246032/x9umr2emrgvf4xxa45vy
Source: chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/5441210/4qccr41slk6wsw61h5fb
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/5441213/cwwryo2477pssn2sgkww
Source: chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/s/share/5607239/l55bgak2ivs9bfptruka#b1995924032_670
Source: chromecache_161.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/screenshot/
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/share/
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/share/dist/common.js?v=9.26.11
Source: chromecache_172.1.dr	String found in binary or memory: https://nimbusweb.me/share/dist/vendor/webcomponents-bundle.js?v=9.26.11
Source: chromecache_172.1.dr, chromecache_199.1.dr, chromecache_161.1.dr, chromecache_119.1.dr, chromecache_190.1.dr	String found in binary or memory: https://nimbusweb.me/terms-and-conditions.php
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day0
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day3
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day5
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://nimbusweb.me/user-billing/edit-billinginfo?ws_banner=dunningType_past_due_invoice_day7
Source: chromecache_185.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_183.1.dr, chromecache_148.1.dr, chromecache_185.1.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_124.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_167.1.dr	String found in binary or memory: https://premiumgain.nimbusweb.me
Source: chromecache_167.1.dr	String found in binary or memory: https://premiumgain.nimbusweb.me/share/dist/i/b8f7709850a83dcde71fd51d51ef3f59.png
Source: chromecache_167.1.dr	String found in binary or memory: https://premiumgain.nimbusweb.me/share/dist/i/ff6a823eabd85e67c626d007c2830bd5.png
Source: chromecache_155.1.dr	String found in binary or memory: https://s2.getsitecontrol.com/widgets/es6/runtime.0e5d0b4.js
Source: chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_148.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_156.1.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_179.1.dr, chromecache_155.1.dr	String found in binary or memory: https://support.nimbusweb.co/portal/en/newticket
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_191.1.dr, chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_183.1.dr, chromecache_148.1.dr, chromecache_185.1.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_172.1.dr	String found in binary or memory: https://teams.nimbusweb.me
Source: chromecache_172.1.dr	String found in binary or memory: https://text.nimbusweb.me
Source: chromecache_191.1.dr, chromecache_170.1.dr, chromecache_183.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_185.1.dr	String found in binary or memory: https://www.google.com
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_172.1.dr, chromecache_167.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_171.1.dr, chromecache_175.1.dr, chromecache_166.1.dr, chromecache_124.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_185.1.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_185.1.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_135.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_184.1.dr, chromecache_156.1.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_135.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_175.1.dr, chromecache_124.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_171.1.dr, chromecache_166.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Source: chromecache_174.1.dr, chromecache_135.1.dr, chromecache_141.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_148.1.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_135.1.dr, chromecache_141.1.dr, chromecache_170.1.dr, chromecache_140.1.dr, chromecache_200.1.dr, chromecache_185.1.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 13.107.4.254:443 -> 192.168.2.16:49844 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 204.79.197.200:443 -> 192.168.2.16:49845 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@19/134@60/19

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1964,i,5279644903293289592,10840831433166987168,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://aselog24x7.cl/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1964,i,5279644903293289592,10840831433166987168,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1579124
Product:	CloudBasic
Start time:	21:40:07
Start date:	20.12.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://aselog24x7.cl/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://aselog24x7.cl/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://aselog24x7.cl/