Source: 0.2.id.script.csv | Joe Sandbox AI: Detected suspicious JavaScript with source url: https://porposal-ach.pages.dev/#?service=YzNWellXN... The script demonstrates several high-risk behaviors, including data exfiltration, dynamic code execution, and interaction with suspicious domains. While some of the functionality may be legitimate, the overall implementation raises significant security concerns. |
Source: 0.10.id.script.csv | Joe Sandbox AI: Detected suspicious JavaScript with source url: https://abb0tt.net/?cf-turnstile-response=0.SymkIi... The provided JavaScript snippet exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and redirection to a suspicious domain. The heavily obfuscated URL further indicates malicious intent, resulting in a high-risk score. |
Source: 0.11.i.script.csv | Joe Sandbox AI: Detected suspicious JavaScript with source url: https://abb0tt.net/?cf-turnstile-response=0.SymkIi... This JavaScript snippet exhibits several high-risk behaviors, including dynamic code execution, data exfiltration, and obfuscated code/URLs. The use of `eval`, `Function` constructor, and heavily encoded strings indicates a high likelihood of malicious intent. Additionally, the script appears to be attempting to redirect the user to an unknown or suspicious domain, which further increases the risk. Overall, this script demonstrates a clear pattern of malicious activity and should be considered a high-risk threat. |
Source: unknown | TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.211.108 |
Source: unknown | TCP traffic detected without corresponding DNS query: 20.189.173.10 |
Source: unknown | TCP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown | TCP traffic detected without corresponding DNS query: 40.126.31.73 |
Source: unknown | TCP traffic detected without corresponding DNS query: 192.229.221.95 |
Source: unknown | UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: tiny-hat-eab8.pagenew.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: nullSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: tiny-hat-eab8.pagenew.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: porposal-ach.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://porposal-ach.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://porposal-ach.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: porposal-ach.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://porposal-ach.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /jquery-3.7.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: porposal-ach.pages.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /public/api/validate_key/tes2 HTTP/1.1Host: natrium100gram.siteConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://porposal-ach.pages.devSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://porposal-ach.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: abb0tt.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://porposal-ach.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET / HTTP/1.1Host: abb0tt.netConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://abb0tt.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=aa7j8tvauvrfcetoopclfb3glv |
Source: global traffic | HTTP traffic detected: GET /public/api/validate_key/tes2 HTTP/1.1Host: natrium100gram.siteConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://abb0tt.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /turnstile/v0/g/849bfe45bf45/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://abb0tt.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /turnstile/v0/g/849bfe45bf45/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8kp02/0x4AAAAAAA4x4r1MWw9jS7Mf/auto/fbE/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://abb0tt.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fe5cd656b664309&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8kp02/0x4AAAAAAA4x4r1MWw9jS7Mf/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8kp02/0x4AAAAAAA4x4r1MWw9jS7Mf/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8fe5cd656b664309&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1983417942:1736270882:GHoc2fFjXXTeUPHab0fnxkH_ZMOKbETBkUUeI55wVUk/8fe5cd656b664309/vJO8rcAx8S2HNjCFwKcIV21R6.xqp0Bag5wcBIJxjdo-1736272354-1.1.1.1-BucLhSdazHW819pbiqA0cZD_qiNfENBnvO95ulqj53nbxoxfhOTryNuSf_oD4RGo HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/8fe5cd656b664309/1736272355851/dedc7b011d73c1bf6e1bc0d43b269d006b7b0ba3cc013e3b5183795105288edc/6-1OoBsC45h5gCa HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8kp02/0x4AAAAAAA4x4r1MWw9jS7Mf/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/8fe5cd656b664309/1736272355861/hkBWC5gd4FFlI6b HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8kp02/0x4AAAAAAA4x4r1MWw9jS7Mf/auto/fbE/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/i/8fe5cd656b664309/1736272355861/hkBWC5gd4FFlI6b HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |