Windows Analysis Report
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/

Overview

General Information

Sample URL:	https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/
Analysis ID:	1579404
Infos:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Yara detected HtmlPhish34

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

HTML page contains hidden javascript code

Stores files to the Windows start menu directory

Classification

Signatures

Phishing

AI detected phishing page

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	Joe Sandbox AI: Score: 8 Reasons: The brand 'DHL' is a well-known global logistics company., The URL 'cpanel05wh.bkk1.cloud.z.com' does not match the legitimate domain 'dhl.com'., The URL contains multiple subdomains and does not have any direct association with DHL., The domain 'cloud.z.com' is a generic cloud service provider, which could be used by various clients, increasing the risk of phishing., There is no direct indication that this URL is associated with DHL, making it suspicious. DOM: 1.2.pages.csv
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ce	Joe Sandbox AI: Score: 9 Reasons: The brand 'DHL Express' is a well-known global logistics company., The legitimate domain for DHL Express is 'dhl.com'., The provided URL 'cpanel05wh.bkk1.cloud.z.com' does not match the legitimate domain for DHL Express., The URL contains multiple subdomains and is hosted on a cloud service provider, which is often used for phishing., The URL does not contain any direct reference to DHL, which is suspicious., The presence of input fields for personal information is common in phishing attempts. DOM: 2.10.pages.csv

Yara detected HtmlPhish34

Source: Yara match	File source: 1.0.pages.csv, type: HTML
Source: Yara match	File source: 1.8.pages.csv, type: HTML
Source: Yara match	File source: 1.3.pages.csv, type: HTML

AI detected landing page (webpage, office document or email)

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/

Joe Sandbox AI: Page contains button: 'VERIFY' Source: '1.7.pages.csv'

AI detected suspicious URL

Source: Email

Joe Sandbox AI: AI detected Brand spoofing attempt in URL: https://cpanel05wh.bkk1.cloud.z.com

HTML page contains hidden javascript code

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/

HTTP Parser: Base64 decoded: https://cpanel05wh.bkk1.cloud.z.com:443

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/ HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/log.css HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/dh.svg HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/dh.svg HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB&co=aHR0cHM6Ly9jcGFuZWwwNXdoLmJrazEuY2xvdWQuei5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=txndood6r10t HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB&co=aHR0cHM6Ly9jcGFuZWwwNXdoLmJrazEuY2xvdWQuei5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=txndood6r10tAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/FsaNIYyPN76i0sL7d3myIoFfjMDAw8eHc9AJuLUrm7A.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB&co=aHR0cHM6Ly9jcGFuZWwwNXdoLmJrazEuY2xvdWQuei5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=txndood6r10tAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/FsaNIYyPN76i0sL7d3myIoFfjMDAw8eHc9AJuLUrm7A.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/h HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/h HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7FDZR4xzTkbDkeNb5BPyXx4LCV3Mu5ZS44ZBy88JAUDPUzSEoJ6IV5h3cMgj_wuT_oS0-d8q2NSES_BvkiXe8i-BFvKyEGjx9U08m9Szcucx6OUoSh4-nj0HkZS61IM1ovPXy9JtFRCGjKAhRbFjysogh-rPoS0j7XxU2SfXRWt0hlbdkgOYam4Hr5ONf_KxXEY50y&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaBAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7FDZR4xzTkbDkeNb5BPyXx4LCV3Mu5ZS44ZBy88JAUDPUzSEoJ6IV5h3cMgj_wuT_oS0-d8q2NSES_BvkiXe8i-BFvKyEGjx9U08m9Szcucx6OUoSh4-nj0HkZS61IM1ovPXy9JtFRCGjKAhRbFjysogh-rPoS0j7XxU2SfXRWt0hlbdkgOYam4Hr5ONf_KxXEY50y&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/userverify?k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/index.php?pp=2300 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome?enc=d8981dd0eb08f408e7902959c0841b91&p=0&dispatch=42a890954c3c2ff58a63b55623e7ea6ca0ad7903 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/?enc=d8981dd0eb08f408e7902959c0841b91&p=0&dispatch=42a890954c3c2ff58a63b55623e7ea6ca0ad7903 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ce HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/app.css HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/logo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/col.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/pak.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/clan.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /logger-1.min.js HTTP/1.1Host: cdn.lr-in.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/app.js HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/logo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/pak.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /js/session-recorder.js HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/clan.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/col.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /js/card.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/intlTelInput.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/alert.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/foo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /logger-1.min.js HTTP/1.1Host: cdn.lr-in.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/card.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/intlTelInput.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/alert.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /assets/loading.gif HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/foo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /images/favicon.gif HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.gif HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: cpanel05wh.bkk1.cloud.z.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.livechatinc.com
Source: global traffic	DNS traffic detected: DNS query: api.livechatinc.com
Source: global traffic	DNS traffic detected: DNS query: cdn.lr-in.com
Source: global traffic	DNS traffic detected: DNS query: dispatching-centre.lasamericascargo.com

Source: unknown

HTTP traffic detected: POST /recaptcha/api2/reload?k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-aliveContent-Length: 7411sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-protobufferAccept: */*Origin: https://www.google.comX-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaBAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:36 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:37 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:38 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:38 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:41 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:41 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:42 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:43 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html

Source: chromecache_134.1.dr, chromecache_89.1.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_102.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_102.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_102.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://github.com/behdad/region-flags/tree/gh-pages/png
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://github.com/googlei18n/libphonenumber/blob/master/resources/ShortNumberMetadata.xml
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://github.com/jackocnr/intl-tel-input.git
Source: chromecache_86.1.dr, chromecache_95.1.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_102.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_120.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_88.1.dr	String found in binary or memory: https://stackoverflow.com/a/14384091/217866
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://stackoverflow.com/a/8935649/217866)
Source: chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_131.1.dr, chromecache_113.1.dr, chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_131.1.dr, chromecache_113.1.dr, chromecache_110.1.dr, chromecache_103.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: classification engine

Classification label: mal64.phis.win@18/90@30/7

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1960,i,14440319301728119548,863647687672028231,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1960,i,14440319301728119548,863647687672028231,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
163.44.198.45	cpanel05wh.bkk1.cloud.z.com	Singapore	135161	GMO-Z-COM-THGMO-ZcomNetDesignHoldingsCoLtdSG	false
172.217.19.228	www.google.com	United States	15169	GOOGLEUS	false
104.21.234.144	cdn.lr-in.com	United States	13335	CLOUDFLARENETUS	false
142.250.181.132	unknown	United States	15169	GOOGLEUS	false
135.181.58.223	dispatching-centre.lasamericascargo.com	Germany	24940	HETZNER-ASDE	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
cpanel05wh.bkk1.cloud.z.com	163.44.198.45	true
www.google.com	172.217.19.228	true
cdn.lr-in.com	104.21.234.144	true
dispatching-centre.lasamericascargo.com	135.181.58.223	true
api.livechatinc.com	unknown	unknown
cdn.livechatinc.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/h	true	unknown
https://www.google.com/js/bg/FsaNIYyPN76i0sL7d3myIoFfjMDAw8eHc9AJuLUrm7A.js	false	high
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome?enc=d8981dd0eb08f408e7902959c0841b91&p=0&dispatch=42a890954c3c2ff58a63b55623e7ea6ca0ad7903	true	unknown
https://www.google.com/recaptcha/api2/payload?p=06AFcWeA7FDZR4xzTkbDkeNb5BPyXx4LCV3Mu5ZS44ZBy88JAUDPUzSEoJ6IV5h3cMgj_wuT_oS0-d8q2NSES_BvkiXe8i-BFvKyEGjx9U08m9Szcucx6OUoSh4-nj0HkZS61IM1ovPXy9JtFRCGjKAhRbFjysogh-rPoS0j7XxU2SfXRWt0hlbdkgOYam4Hr5ONf_KxXEY50y&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB	false	high
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/clan.png	true	unknown
https://cpanel05wh.bkk1.cloud.z.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/?enc=d8981dd0eb08f408e7902959c0841b91&p=0&dispatch=42a890954c3c2ff58a63b55623e7ea6ca0ad7903	true	unknown
https://cdn.lr-in.com/logger-1.min.js	false	high
https://cpanel05wh.bkk1.cloud.z.com/assets/loading.gif	false	unknown
https://dispatching-centre.lasamericascargo.com/images/favicon.gif	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/logo.png	true	unknown
https://www.google.com/recaptcha/api.js	false	high
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/col.png	true	unknown
https://cpanel05wh.bkk1.cloud.z.com/js/app.js	false	unknown
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF	false	high
https://cpanel05wh.bkk1.cloud.z.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	true	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/foo.png	true	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/index.php?pp=2300	true	unknown
https://dispatching-centre.lasamericascargo.com/js/intlTelInput.js	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/log.css	true	unknown
https://www.google.com/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB	false	high
https://cpanel05wh.bkk1.cloud.z.com/js/session-recorder.js	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.css	true	unknown
https://cpanel05wh.bkk1.cloud.z.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80	false	unknown
https://www.google.com/recaptcha/api2/reload?k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB	false	high
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/pak.png	true	unknown
https://dispatching-centre.lasamericascargo.com/js/card.js	false	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/alert.png	true	unknown
https://www.google.com/recaptcha/api2/userverify?k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB	false	high
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB&co=aHR0cHM6Ly9jcGFuZWwwNXdoLmJrazEuY2xvdWQuei5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=txndood6r10t	false	high
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/dh.svg	true	unknown
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ce	true	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Dec 22 04:36:44 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	8B3CDF0CD8A7DEDA329B3FB15E4B4196	40892087988B205097010D013732E62A0B3A79F5	758118D44E9129AF8511412A7BCF5B417482BB2B7CACF7C0C99A3ADF0CA37CC0
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Dec 22 04:36:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	F1A348B0C84078BE3469B94598A2407B	93A06A23899B0756D4D515F4CB77C830FA20CC48	F0DAF19698D9E66D137F4D2E2B790FAA40E31995868E8799EC3825ABBBB7F2BA
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	500543C12D79C5437F1B1775FC9E48B7	A12209BAFAACAFE1BE22F3FE2616513994C7AB54	2054C8C464FF46906249696B073C0AA6CA800865A562D56DD367A95E1971764E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Dec 22 04:36:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	DB7026FBF535CCC3BC781ADEF4292D56	222A0F369F070393AB0A096B5777255502864788	7250B16915B1089FEAC0DC7DB03E1F82461DE1BAE608BEE9F870F337B559A353
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Dec 22 04:36:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	EF0DED91B26FE83CB327574DD9B7F9F9	91C47E566F474D84688DA74F17BB74D538BB85A0	AAF6D45380199D57647DE745515C8910E3E690FFA8691A07EF6D688C4D24BEAE
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Dec 22 04:36:43 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	213E0BA1B3AF00EDF82A65A10AD2ED51	F1CE91D531D7C5482002F4EDE7B04330624A732B	FF11CF7DC72156DE42167865FC5E26D72915E2EB375B1CCC1E3C9F812AC60E00
Chrome Cache Entry: 100	PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced	5D14AB93691604E826E1319D53599EB9	78724360E9D25DA584445B851E37BCA05ABE6B85	3F0C62B5CCDCDBF3B3AE3885F1E6959E2D937EBA9B29DEA9A6BDB98788041756
Chrome Cache Entry: 101	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6
Chrome Cache Entry: 102	ASCII text	B33E59C592EB453D12F6A53179D8EF19	5D1863F728B58D4456E1B1D824D98FE56810E69E	A0B9419777F544B665051CAE80F11BF8FF9F925072A9F062A3D82C383E6CDFDE
Chrome Cache Entry: 103	ASCII text, with no line terminators	C206147C7CAE99642A4F8A2C640A0019	8C32B7B7E0807BBE85E5C8C94F87AFEA31EEDC40	6F55ADBECCE78B9C566F8DC830177DC91782702FF35F213F009FC2B902E25603
Chrome Cache Entry: 104	data	5EA2A28E2BAAD696A203D70D29925000	6B47D30C211F630C21A95483123FA793EE8820DC	5425605463D89FE30EB08C7B77FC73A86F5ECDBACF6BE9C3FB96443BE339D049
Chrome Cache Entry: 105	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	07BF314AAB04047B9E9A959EE6F63DA3	17BEF6602672E2FD9956381E01356245144003E5	55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE
Chrome Cache Entry: 106	ASCII text, with very long lines (18299)	A0E7A179BFB0BF42B3D42A6D0E244277	D74A213F6229A985B68971695323A18C8D704C6D	16C68D218C8F37BEA2D2C2FB7779B222815F8CC0C0C3C78773D009B8B52B9BB0
Chrome Cache Entry: 107	PNG image data, 32 x 27, 8-bit/color RGBA, non-interlaced	5C71F27C78F2FA4C03011A7C22B82496	686900B9EAD294FF018699E3FA65C023E5B41DE0	EB6CA62C1E5D64C52BE3FFA63C298DCDA2483C04C4B17D1BFE605D134E52F91B
Chrome Cache Entry: 108	ASCII text, with very long lines (65536), with no line terminators	BCBBAE1082B38962E877FD490C47173A	323A7B29AB4B755D6204208C534804EED6497231	182717D4E386CC3DA173CAD4562B61BD2CD9EF8BDCC19D7C7CA4C89254C1C340
Chrome Cache Entry: 109	Unicode text, UTF-8 text, with very long lines (9887)	BE78A3E1D45F0451D605431C05961C22	13F65075B0AD9774F95406A2529423A631032A31	691FF3918FB72CDDC3ABF2B84AF0D66E0D2875B18B032EF6864923789C7E4077
Chrome Cache Entry: 110	ASCII text, with no line terminators	C206147C7CAE99642A4F8A2C640A0019	8C32B7B7E0807BBE85E5C8C94F87AFEA31EEDC40	6F55ADBECCE78B9C566F8DC830177DC91782702FF35F213F009FC2B902E25603
Chrome Cache Entry: 111	ASCII text, with very long lines (65536), with no line terminators	6AEC8CFD5D3A790339DC627F9F1229B5	B6C8CFFE38E1015DD8595F2DD1A92435E2795874	80583FA3C83831A9E036EBA0500D1B9C0D30892D0701F1617E0FAFAF5AEAA2CA
Chrome Cache Entry: 112	data	5EA2A28E2BAAD696A203D70D29925000	6B47D30C211F630C21A95483123FA793EE8820DC	5425605463D89FE30EB08C7B77FC73A86F5ECDBACF6BE9C3FB96443BE339D049
Chrome Cache Entry: 113	ASCII text, with very long lines (1434), with no line terminators	764EE6309BF4800054E4A2A67DEB3575	2FFD2FDA8E49AD861B75DE1E5ED583D8CE1D5B0A	652E8677AEC33767D2A5F229384F79B4F526104BF7E94D7D258070F94743C3CC
Chrome Cache Entry: 114	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 115	PNG image data, 39 x 28, 8-bit/color RGBA, non-interlaced	F9F5C8CCD73ADC2DF4D9E3ACB9E24F85	AE26C7C6A83B6446179383C3B109FBAD8B92C034	381941FC8B5DF86879D6E2FCF3392D281B796C33F430F045405A0E6AF0E474B9
Chrome Cache Entry: 116	SVG Scalable Vector Graphics image	FC4D11AE088EA7CCE9416CBB4A83BAB0	4B8919F589AC9E848640CD1863CB4E018E1DDE1F	EF1C4B96FAA10240BFD3E9FFC991947A9D32237ECF61A1399B2C2C2FCF55C47B
Chrome Cache Entry: 117	Web Open Font Format (Version 2), TrueType, length 15552, version 1.0	285467176F7FE6BB6A9C6873B3DAD2CC	EA04E4FF5142DDD69307C183DEF721A160E0A64E	5A8C1E7681318CAA29E9F44E8A6E271F6A4067A2703E9916DFD4FE9099241DB7
Chrome Cache Entry: 118	PNG image data, 27 x 29, 8-bit/color RGBA, non-interlaced	E00004714CE72691E26F9B61C9810780	51385AF6CB9A9D372C3151E67D331DDC1B92B3C4	B8B7E6C193F0B11BECE8C12B305CBF15130BC99B32AE92426EB747A3DA3264D6
Chrome Cache Entry: 119	ASCII text, with no line terminators	FBAA27D57B6EC65302F04C4441C47F23	ACB160FC38845E28E65CFB9FEC77DA6554255004	CF93E9FE4FAEF11496246764936B2383F39635C5E8D283E74A7D926D5ABEBAAF
Chrome Cache Entry: 120	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6
Chrome Cache Entry: 121	ASCII text, with very long lines (18299)	A0E7A179BFB0BF42B3D42A6D0E244277	D74A213F6229A985B68971695323A18C8D704C6D	16C68D218C8F37BEA2D2C2FB7779B222815F8CC0C0C3C78773D009B8B52B9BB0
Chrome Cache Entry: 122	ASCII text, with no line terminators	FBAA27D57B6EC65302F04C4441C47F23	ACB160FC38845E28E65CFB9FEC77DA6554255004	CF93E9FE4FAEF11496246764936B2383F39635C5E8D283E74A7D926D5ABEBAAF
Chrome Cache Entry: 123	PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced	F748283F1BDEF35CBE2D225ECCBE3895	C03C1864CA13CC124D7FAF7D4BB11515FD40D814	CAE9D5ADF2B0220C74A93B644C26D53E27C3A87F9B5D3FE57D06442E808074A2
Chrome Cache Entry: 124	PNG image data, 32 x 27, 8-bit/color RGBA, non-interlaced	5C71F27C78F2FA4C03011A7C22B82496	686900B9EAD294FF018699E3FA65C023E5B41DE0	EB6CA62C1E5D64C52BE3FFA63C298DCDA2483C04C4B17D1BFE605D134E52F91B
Chrome Cache Entry: 125	Web Open Font Format (Version 2), TrueType, length 15340, version 1.0	19B7A0ADFDD4F808B53AF7E2CE2AD4E5	81D5D4C7B5035AD10CCE63CF7100295E0C51FDDA	C912A9CE0C3122D4B2B29AD26BFE06B0390D1A5BDAA5D6128692C0BEFD1DFBBD
Chrome Cache Entry: 126	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3	A70AA2B8C5F010D71D66BCD84406D826	9D69C26AA8253625AD1FBF0FF7EB903922B9E922	CBB53AAB593338A1E31DDB06BA6CD06D7D659BCE827F96E61C7FCB54D32772CD
Chrome Cache Entry: 127	MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel	A6F1AF8E79A11829BA9A66474B06BB97	D99E3EC7747C865033A8DFAD43C9F49634404BC1	B0DBD00F3650FA6B931E678A9D8F79A405D23C7ADF111AB91B1A01A0E7109807
Chrome Cache Entry: 128	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	0F2A4639B8A4CB30C76E8333C00D30A6	57E273A270BB864970D747C74B3F0A7C8E515B13	44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98
Chrome Cache Entry: 129	PNG image data, 27 x 29, 8-bit/color RGBA, non-interlaced	E00004714CE72691E26F9B61C9810780	51385AF6CB9A9D372C3151E67D331DDC1B92B3C4	B8B7E6C193F0B11BECE8C12B305CBF15130BC99B32AE92426EB747A3DA3264D6
Chrome Cache Entry: 130	PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced	5D14AB93691604E826E1319D53599EB9	78724360E9D25DA584445B851E37BCA05ABE6B85	3F0C62B5CCDCDBF3B3AE3885F1E6959E2D937EBA9B29DEA9A6BDB98788041756
Chrome Cache Entry: 131	ASCII text, with very long lines (1434), with no line terminators	764EE6309BF4800054E4A2A67DEB3575	2FFD2FDA8E49AD861B75DE1E5ED583D8CE1D5B0A	652E8677AEC33767D2A5F229384F79B4F526104BF7E94D7D258070F94743C3CC
Chrome Cache Entry: 132	PNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced	16291265180A2DBCD246ADA0B44EA35A	63EB909A37D9730A40955BEBF35542CFC1A5EDE9	B36E63B78F7AB077C9F74269DEEC4010AE803B687B27CA13E6AA58712520BB84
Chrome Cache Entry: 133	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 134	Unicode text, UTF-8 text, with very long lines (51786)	30E93A747BA8285615CFBC3643DC1A62	3A55F9D6AC708F519D351EA0B69083457778EC9D	18C4B9B4C27233B541A47300A4EE98239E1F8DEC4BBCD9FABB6BDAD12CA82025
Chrome Cache Entry: 135	ASCII text, with no line terminators	AFB69DF47958EB78B4E941270772BD6A	D9FE9A625E906FF25C1F165E7872B1D9C731E78E	874809FB1235F80831B706B9E9B903D80BD5662D036B7712CC76F8C684118878
Chrome Cache Entry: 136	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	88E0F42C9FA4F94AA8BCD54D1685C180	5AD9D47A49B82718BAA3BE88550A0B3350270C42	89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
Chrome Cache Entry: 137	JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3	A70AA2B8C5F010D71D66BCD84406D826	9D69C26AA8253625AD1FBF0FF7EB903922B9E922	CBB53AAB593338A1E31DDB06BA6CD06D7D659BCE827F96E61C7FCB54D32772CD
Chrome Cache Entry: 138	PNG image data, 20 x 18, 8-bit/color RGBA, non-interlaced	16291265180A2DBCD246ADA0B44EA35A	63EB909A37D9730A40955BEBF35542CFC1A5EDE9	B36E63B78F7AB077C9F74269DEEC4010AE803B687B27CA13E6AA58712520BB84
Chrome Cache Entry: 86	ASCII text, with very long lines (65536), with no line terminators	62AE4E1423A7A3A78784CC5F3596A6E4	3B57D0E0BE090209BF60A8870387CA8F34B3ED33	2529CDC5BBD63070EE82051E7C72DAD79730B648EEF361AB7AE5C1593E61EE6C
Chrome Cache Entry: 87	ASCII text, with no line terminators	1B7A4BE227AE89DF2C8B95A42669EEB6	B192BFDA569A035ABBDB6E771A19F1BEB7FFC44D	D4E2F32330C83E5D6593BE61DB02E16C6296BD8C25E9FD2D8E197A5F66C3218C
Chrome Cache Entry: 88	Unicode text, UTF-8 text, with very long lines (9887)	BE78A3E1D45F0451D605431C05961C22	13F65075B0AD9774F95406A2529423A631032A31	691FF3918FB72CDDC3ABF2B84AF0D66E0D2875B18B032EF6864923789C7E4077
Chrome Cache Entry: 89	Unicode text, UTF-8 text, with very long lines (51786)	30E93A747BA8285615CFBC3643DC1A62	3A55F9D6AC708F519D351EA0B69083457778EC9D	18C4B9B4C27233B541A47300A4EE98239E1F8DEC4BBCD9FABB6BDAD12CA82025
Chrome Cache Entry: 90	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	88E0F42C9FA4F94AA8BCD54D1685C180	5AD9D47A49B82718BAA3BE88550A0B3350270C42	89C62095126FCA89EA1511CF35B49B8306162946B0C26D6F60C5506C51D85992
Chrome Cache Entry: 91	PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced	F748283F1BDEF35CBE2D225ECCBE3895	C03C1864CA13CC124D7FAF7D4BB11515FD40D814	CAE9D5ADF2B0220C74A93B644C26D53E27C3A87F9B5D3FE57D06442E808074A2
Chrome Cache Entry: 92	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	07BF314AAB04047B9E9A959EE6F63DA3	17BEF6602672E2FD9956381E01356245144003E5	55EAF62CB05DA20088DC12B39D7D254D046CB1FD61DDF3AE641F1439EFD0A5EE
Chrome Cache Entry: 93	MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel	A6F1AF8E79A11829BA9A66474B06BB97	D99E3EC7747C865033A8DFAD43C9F49634404BC1	B0DBD00F3650FA6B931E678A9D8F79A405D23C7ADF111AB91B1A01A0E7109807
Chrome Cache Entry: 94	PNG image data, 39 x 28, 8-bit/color RGBA, non-interlaced	F9F5C8CCD73ADC2DF4D9E3ACB9E24F85	AE26C7C6A83B6446179383C3B109FBAD8B92C034	381941FC8B5DF86879D6E2FCF3392D281B796C33F430F045405A0E6AF0E474B9
Chrome Cache Entry: 95	ASCII text, with very long lines (65536), with no line terminators	62AE4E1423A7A3A78784CC5F3596A6E4	3B57D0E0BE090209BF60A8870387CA8F34B3ED33	2529CDC5BBD63070EE82051E7C72DAD79730B648EEF361AB7AE5C1593E61EE6C
Chrome Cache Entry: 96	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0	5D4AEB4E5F5EF754E307D7FFAEF688BD	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
Chrome Cache Entry: 97	SVG Scalable Vector Graphics image	FC4D11AE088EA7CCE9416CBB4A83BAB0	4B8919F589AC9E848640CD1863CB4E018E1DDE1F	EF1C4B96FAA10240BFD3E9FFC991947A9D32237ECF61A1399B2C2C2FCF55C47B
Chrome Cache Entry: 98	PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced	0F2A4639B8A4CB30C76E8333C00D30A6	57E273A270BB864970D747C74B3F0A7C8E515B13	44B988703019CD6BFA86C91840FECF2A42B611B364E3EEA2F4EB63BF62714E98
Chrome Cache Entry: 99	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6

Phishing

AI detected phishing page

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	Joe Sandbox AI: Score: 8 Reasons: The brand 'DHL' is a well-known global logistics company., The URL 'cpanel05wh.bkk1.cloud.z.com' does not match the legitimate domain 'dhl.com'., The URL contains multiple subdomains and does not have any direct association with DHL., The domain 'cloud.z.com' is a generic cloud service provider, which could be used by various clients, increasing the risk of phishing., There is no direct indication that this URL is associated with DHL, making it suspicious. DOM: 1.2.pages.csv
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ce	Joe Sandbox AI: Score: 9 Reasons: The brand 'DHL Express' is a well-known global logistics company., The legitimate domain for DHL Express is 'dhl.com'., The provided URL 'cpanel05wh.bkk1.cloud.z.com' does not match the legitimate domain for DHL Express., The URL contains multiple subdomains and is hosted on a cloud service provider, which is often used for phishing., The URL does not contain any direct reference to DHL, which is suspicious., The presence of input fields for personal information is common in phishing attempts. DOM: 2.10.pages.csv

Yara detected HtmlPhish34

Source: Yara match	File source: 1.0.pages.csv, type: HTML
Source: Yara match	File source: 1.8.pages.csv, type: HTML
Source: Yara match	File source: 1.3.pages.csv, type: HTML

AI detected landing page (webpage, office document or email)

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/

Joe Sandbox AI: Page contains button: 'VERIFY' Source: '1.7.pages.csv'

AI detected suspicious URL

Source: Email

Joe Sandbox AI: AI detected Brand spoofing attempt in URL: https://cpanel05wh.bkk1.cloud.z.com

HTML page contains hidden javascript code

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/

HTTP Parser: Base64 decoded: https://cpanel05wh.bkk1.cloud.z.com:443

Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon
Source: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/	HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	TCP traffic detected without corresponding DNS query: 20.190.147.7
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/ HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/log.css HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/dh.svg HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/dh.svg HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB&co=aHR0cHM6Ly9jcGFuZWwwNXdoLmJrazEuY2xvdWQuei5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=txndood6r10t HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB&co=aHR0cHM6Ly9jcGFuZWwwNXdoLmJrazEuY2xvdWQuei5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=txndood6r10tAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/FsaNIYyPN76i0sL7d3myIoFfjMDAw8eHc9AJuLUrm7A.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB&co=aHR0cHM6Ly9jcGFuZWwwNXdoLmJrazEuY2xvdWQuei5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=txndood6r10tAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/FsaNIYyPN76i0sL7d3myIoFfjMDAw8eHc9AJuLUrm7A.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/h HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/h HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/reload?k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7FDZR4xzTkbDkeNb5BPyXx4LCV3Mu5ZS44ZBy88JAUDPUzSEoJ6IV5h3cMgj_wuT_oS0-d8q2NSES_BvkiXe8i-BFvKyEGjx9U08m9Szcucx6OUoSh4-nj0HkZS61IM1ovPXy9JtFRCGjKAhRbFjysogh-rPoS0j7XxU2SfXRWt0hlbdkgOYam4Hr5ONf_KxXEY50y&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaBAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/payload?p=06AFcWeA7FDZR4xzTkbDkeNb5BPyXx4LCV3Mu5ZS44ZBy88JAUDPUzSEoJ6IV5h3cMgj_wuT_oS0-d8q2NSES_BvkiXe8i-BFvKyEGjx9U08m9Szcucx6OUoSh4-nj0HkZS61IM1ovPXy9JtFRCGjKAhRbFjysogh-rPoS0j7XxU2SfXRWt0hlbdkgOYam4Hr5ONf_KxXEY50y&k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/userverify?k=6Ld_o50qAAAAAAbkPYUM_PZ2jHZ_gM56pUjO_aaB HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCLbgygEIlaHLAQj2mM0BCIWgzQEIucrNAQiJ080BGMvYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _GRECAPTCHA=09AJNbFnfGciwQi2fZtFAYvsNDsV9uVqys2saPmUCFzsf1ODB-HGGven55b9KoLYEFf8fyNvhrk9MCiMJIxDaYmtI
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/index.php?pp=2300 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome?enc=d8981dd0eb08f408e7902959c0841b91&p=0&dispatch=42a890954c3c2ff58a63b55623e7ea6ca0ad7903 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/?enc=d8981dd0eb08f408e7902959c0841b91&p=0&dispatch=42a890954c3c2ff58a63b55623e7ea6ca0ad7903 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ce HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/app.css HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/logo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/col.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/pak.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/clan.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /logger-1.min.js HTTP/1.1Host: cdn.lr-in.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/app.js HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/logo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/pak.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /js/session-recorder.js HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/clan.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/col.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /js/card.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/intlTelInput.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/alert.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/foo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/dd.php?enc=e2abe2ef032bc709e717993c81e294e8&p=0&dispatch=01f7ed273f0b8344cda8f2f39d9786ae01f4d4ceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /logger-1.min.js HTTP/1.1Host: cdn.lr-in.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/card.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/intlTelInput.js HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/alert.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /assets/loading.gif HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /~cp197720/open/DD/Fhome/assets/foo.png HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1Host: cpanel05wh.bkk1.cloud.z.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cpanel05wh.bkk1.cloud.z.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/Fhome/assets/app.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=2j49k0ngher2g7g6k1nn5vb2be
Source: global traffic	HTTP traffic detected: GET /images/favicon.gif HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cpanel05wh.bkk1.cloud.z.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.gif HTTP/1.1Host: dispatching-centre.lasamericascargo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: cpanel05wh.bkk1.cloud.z.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cdn.livechatinc.com
Source: global traffic	DNS traffic detected: DNS query: api.livechatinc.com
Source: global traffic	DNS traffic detected: DNS query: cdn.lr-in.com
Source: global traffic	DNS traffic detected: DNS query: dispatching-centre.lasamericascargo.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:36 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:37 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:38 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:38 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:41 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:41 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:42 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sun, 22 Dec 2024 05:37:43 GMTServer: ApacheAccept-Ranges: bytesCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Connection: closeTransfer-Encoding: chunkedContent-Type: text/html

Source: chromecache_134.1.dr, chromecache_89.1.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_102.1.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_102.1.dr	String found in binary or memory: https://fontawesome.com/license/free
Source: chromecache_102.1.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://github.com/behdad/region-flags/tree/gh-pages/png
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://github.com/googlei18n/libphonenumber/blob/master/resources/ShortNumberMetadata.xml
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://github.com/jackocnr/intl-tel-input.git
Source: chromecache_86.1.dr, chromecache_95.1.dr	String found in binary or memory: https://github.com/js-cookie/js-cookie
Source: chromecache_102.1.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_120.1.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_88.1.dr	String found in binary or memory: https://stackoverflow.com/a/14384091/217866
Source: chromecache_109.1.dr, chromecache_88.1.dr	String found in binary or memory: https://stackoverflow.com/a/8935649/217866)
Source: chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_131.1.dr, chromecache_113.1.dr, chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_101.1.dr, chromecache_99.1.dr, chromecache_120.1.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_131.1.dr, chromecache_113.1.dr, chromecache_110.1.dr, chromecache_103.1.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: classification engine

Classification label: mal64.phis.win@18/90@30/7

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1960,i,14440319301728119548,863647687672028231,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1960,i,14440319301728119548,863647687672028231,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

ID:	1579404
Product:	CloudBasic
Start time:	06:36:08
Start date:	22.12.2024
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Networking

System Summary

Boot Survival

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://cpanel05wh.bkk1.cloud.z.com/~cp197720/open/DD/